{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28677", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-02T21:43:19.926Z", "datePublished": "2026-03-06T04:23:23.695Z", "dateUpdated": "2026-03-06T16:07:38.831Z"}, "containers": {"cna": {"title": "OpenSift: Insufficient URL destination restrictions in ingest flow could enable SSRF-style internal access", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-5jfc-p787-2mf9", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-5jfc-p787-2mf9"}, {"name": "https://github.com/OpenSift/OpenSift/pull/67", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSift/OpenSift/pull/67"}, {"name": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b"}, {"name": "https://github.com/OpenSift/OpenSift/commit/de99b9c", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSift/OpenSift/commit/de99b9c"}, {"name": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha"}], "affected": [{"vendor": "OpenSift", "product": "OpenSift", "versions": [{"version": "< 1.6.3-alpha", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-06T04:23:23.695Z"}, "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks existed, missing restrictions for credentialed URLs, non-standard ports, and cross-host redirects left SSRF-class abuse paths in non-localhost deployments. This issue has been patched in version 1.6.3-alpha."}], "source": {"advisory": "GHSA-5jfc-p787-2mf9", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-06T16:00:17.295863Z", "id": "CVE-2026-28677", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T16:07:38.831Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28677", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-06T16:00:17.295863Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T16:00:18.725Z"}}], "cna": {"title": "OpenSift: Insufficient URL destination restrictions in ingest flow could enable SSRF-style internal access", "source": {"advisory": "GHSA-5jfc-p787-2mf9", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "OpenSift", "product": "OpenSift", "versions": [{"status": "affected", "version": "< 1.6.3-alpha"}]}], "references": [{"url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-5jfc-p787-2mf9", "name": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-5jfc-p787-2mf9", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OpenSift/OpenSift/pull/67", "name": "https://github.com/OpenSift/OpenSift/pull/67", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b", "name": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OpenSift/OpenSift/commit/de99b9c", "name": "https://github.com/OpenSift/OpenSift/commit/de99b9c", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha", "name": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks existed, missing restrictions for credentialed URLs, non-standard ports, and cross-host redirects left SSRF-class abuse paths in non-localhost deployments. This issue has been patched in version 1.6.3-alpha."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-06T04:23:23.695Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28677", "state": "PUBLISHED", "dateUpdated": "2026-03-06T16:07:38.831Z", "dateReserved": "2026-03-02T21:43:19.926Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-06T04:23:23.695Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensift:opensift:*:*:*:*:*:python:*:*", "matchCriteriaId": "D1037E2F-1527-4C09-8D8D-78E56E6DDC78", "versionEndExcluding": "1.6.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks existed, missing restrictions for credentialed URLs, non-standard ports, and cross-host redirects left SSRF-class abuse paths in non-localhost deployments. This issue has been patched in version 1.6.3-alpha."}, {"lang": "es", "value": "OpenSift es una herramienta de estudio de IA que filtra grandes conjuntos de datos utilizando b\u00fasqueda sem\u00e1ntica e IA generativa. Antes de la versi\u00f3n 1.6.3-alpha, el pipeline de ingesta de URL aceptaba URL remotas controladas por el usuario con restricciones de destino incompletas. Aunque exist\u00edan comprobaciones de host privado/local, la falta de restricciones para URL con credenciales, puertos no est\u00e1ndar y redirecciones entre hosts dejaban rutas de abuso de clase SSRF en despliegues que no eran localhost. Este problema ha sido parcheado en la versi\u00f3n 1.6.3-alpha."}], "id": "CVE-2026-28677", "lastModified": "2026-03-18T12:59:04.400", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-06T05:16:36.610", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OpenSift/OpenSift/commit/1126e0a503876056a68a434e19f64158a5a4840b"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OpenSift/OpenSift/commit/de99b9c"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/OpenSift/OpenSift/pull/67"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/OpenSift/OpenSift/releases/tag/v1.6.3-alpha"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory", "Patch"], "url": "https://github.com/OpenSift/OpenSift/security/advisories/GHSA-5jfc-p787-2mf9"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.6.3-alpha)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenSift", "source": "cna", "vendor": "OpenSift"}, "product": "opensift", "vendor": "opensift"}], "analysis": {"en": {"generated_at": "2026-04-17T12:25:23.519047+00:00", "value": {"mitigation_remediation": ["Update OpenSift to version 1.6.3\u2011alpha or newer, which corrects the URL destination validation.", "If upgrading is not immediately possible, restrict user access to the ingest API to trusted users or implement outbound ACLs that block non\u2011localhost destinations.", "Monitor ingestion logs for outbound requests to internal addresses and investigate any that appear suspicious."], "summary": {"action": "Immediate Patch", "impact": "Internal network access via insecure URL ingestion (SSRF)-style exploit"}, "threat_synthesis": {"affected_systems": "OpenSift \u2013 any instance running a version earlier than 1.6.3\u2011alpha. The affected code is part of the URL ingest pipeline used by the OpenSift AI study tool. The fix is implemented in release v1.6.3\u2011alpha.", "description_and_impact": "The ingest pipeline in OpenSift accepts user-provided URLs without adequate destination validation. Private/local host checks are present, but restrictions for credentialed URLs, non-standard ports, and cross-host redirects are missing. This creates SSRF-style abuse paths that can allow an attacker to reach internal resources, exposing confidential data or enabling further compromise. The vulnerability is classified as CWE\u2011918, reflecting a lack of proper access control for remote resources.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 8.2, indicating high severity. Its EPSS score is below 1%, implying a very low probability of exploitation at this time, and it is not listed in the CISA KEV catalog. Nevertheless, the attack can be executed by any user able to submit ingestion requests, using specially crafted URLs that bypass the incomplete destination checks and reach services on internal addresses, potentially exposing internal data or facilitating further lateral movement."}}}}, "created": "2026-03-06T14:55:51.125423+00:00", "updated": "2026-04-17T12:30:06.267507+00:00", "vendors": ["opensift", "opensift$PRODUCT$opensift"]}