{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28675", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-02T21:43:19.926Z", "datePublished": "2026-03-06T04:22:58.374Z", "dateUpdated": "2026-03-09T19:49:23.221Z"}, "containers": {"cna": {"title": "OpenSift: Sensitive implementation details exposed via raw exception messages and token-returning endpoints", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-209", "lang": "en", "description": "CWE-209: Generation of Error Message Containing Sensitive Information", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-667g-rvcj-w976", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-667g-rvcj-w976"}, {"name": "https://github.com/OpenSift/OpenSift/pull/67", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSift/OpenSift/pull/67"}, {"name": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b"}, {"name": "https://github.com/OpenSift/OpenSift/commit/de99b9c", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSift/OpenSift/commit/de99b9c"}, {"name": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha"}], "affected": [{"vendor": "OpenSift", "product": "OpenSift", "versions": [{"version": "< 1.6.3-alpha", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-06T04:22:58.374Z"}, "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, some endpoints returned raw exception strings to clients. Additionally, login token material was exposed in UI/rendered responses and token rotation output. This issue has been patched in version 1.6.3-alpha."}], "source": {"advisory": "GHSA-667g-rvcj-w976", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-09T19:49:13.118951Z", "id": "CVE-2026-28675", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T19:49:23.221Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28675", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-09T19:49:13.118951Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T19:49:19.291Z"}}], "cna": {"title": "OpenSift: Sensitive implementation details exposed via raw exception messages and token-returning endpoints", "source": {"advisory": "GHSA-667g-rvcj-w976", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "OpenSift", "product": "OpenSift", "versions": [{"status": "affected", "version": "< 1.6.3-alpha"}]}], "references": [{"url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-667g-rvcj-w976", "name": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-667g-rvcj-w976", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OpenSift/OpenSift/pull/67", "name": "https://github.com/OpenSift/OpenSift/pull/67", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b", "name": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OpenSift/OpenSift/commit/de99b9c", "name": "https://github.com/OpenSift/OpenSift/commit/de99b9c", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha", "name": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, some endpoints returned raw exception strings to clients. Additionally, login token material was exposed in UI/rendered responses and token rotation output. This issue has been patched in version 1.6.3-alpha."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-209", "description": "CWE-209: Generation of Error Message Containing Sensitive Information"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-06T04:22:58.374Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28675", "state": "PUBLISHED", "dateUpdated": "2026-03-09T19:49:23.221Z", "dateReserved": "2026-03-02T21:43:19.926Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-06T04:22:58.374Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensift:opensift:*:*:*:*:*:python:*:*", "matchCriteriaId": "D1037E2F-1527-4C09-8D8D-78E56E6DDC78", "versionEndExcluding": "1.6.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, some endpoints returned raw exception strings to clients. Additionally, login token material was exposed in UI/rendered responses and token rotation output. This issue has been patched in version 1.6.3-alpha."}, {"lang": "es", "value": "OpenSift es una herramienta de estudio de IA que tamiza grandes conjuntos de datos utilizando b\u00fasqueda sem\u00e1ntica e IA generativa. Antes de la versi\u00f3n 1.6.3-alpha, algunos puntos finales devolv\u00edan cadenas de excepci\u00f3n en bruto a los clientes. Adem\u00e1s, el material del token de inicio de sesi\u00f3n qued\u00f3 expuesto en las respuestas de la interfaz de usuario/renderizadas y en la salida de rotaci\u00f3n de tokens. Este problema ha sido parcheado en la versi\u00f3n 1.6.3-alpha."}], "id": "CVE-2026-28675", "lastModified": "2026-03-18T13:04:29.440", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-06T05:16:35.900", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OpenSift/OpenSift/commit/de99b9c"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/OpenSift/OpenSift/pull/67"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory", "Patch"], "url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-667g-rvcj-w976"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-209"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.6.3-alpha)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenSift", "source": "cna", "vendor": "OpenSift"}, "product": "opensift", "vendor": "opensift"}], "analysis": {"en": {"generated_at": "2026-04-17T12:25:36.523873+00:00", "value": {"mitigation_remediation": ["Upgrade OpenSift to version 1.6.3\u2011alpha or later, which removes raw exception strings and hides token data.", "Reconfigure the application to suppress stack trace contents in error responses; ensure only generic error messages are returned to clients.", "Modify the UI and token rotation API to exclude any login token material from client\u2011side renderings, and confirm that no sensitive information is included in the response payloads.", "Enforce authentication and proper access control on the vulnerable endpoints to limit exposure to authorized users only."], "summary": {"action": "Apply Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "OpenSift prior to version 1.6.3\u2011alpha. All deployments that have the default configuration exposing raw exception messages and token payloads are affected. The vulnerability is limited to OpenSift products; no other vendors are impacted at this time.", "description_and_impact": "The vulnerability in OpenSift allows clients to receive raw exception strings from certain endpoints and to view login token material through the UI and token rotation responses. This exposure reveals implementation details and authentication tokens, which could be used by an attacker to gain sensitive information about the system configuration.", "risk_and_exploitability": "The CVSS base score of 5.3 and EPSS below 1% indicate a moderate likelihood of exploitation. The vulnerability is not listed in CISA\u2019s KEV catalog. Based on the description, attackers who can send requests to the affected API endpoints may trigger unhandled exceptions, causing raw exception strings to be returned, and they may also retrieve login token material from the UI and token rotation responses. The exposure enables an attacker to gather sensitive implementation details and user authentication tokens. The risk is elevated when the vulnerable endpoints are accessible over the network, though the description does not specify authentication requirements. No privileged local access is required to exploit the disclosed information."}}}}, "created": "2026-03-06T14:55:53.056007+00:00", "updated": "2026-04-17T12:30:06.268135+00:00", "vendors": ["opensift", "opensift$PRODUCT$opensift"]}