{"data":{"id":"4c328289-4a4a-41a9-90fe-f47883c4a1a2","title":"CVE-2026-28676: OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version","summary":"OpenSift is an AI study tool that uses semantic search (finding information based on meaning rather than exact keywords) and generative AI to analyze large datasets. Before version 1.6.3-alpha, the software had a path-injection vulnerability (a flaw where attackers could manipulate file paths to access files outside intended directories) in its file storage system, allowing potential unauthorized file read, write, or delete operations.","solution":"This issue has been patched in version 1.6.3-alpha. Users should update to this version or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-28676","publishedAt":"2026-03-06T05:16:36.270Z","cveId":"CVE-2026-28676","cweIds":["CWE-22"],"cvssScore":"8.8","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["OpenSift"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.0005,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-126"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}