CVE-2026-28675: OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version
Summary
OpenSift, an AI study tool that uses semantic search (finding information based on meaning rather than exact word matches) and generative AI to analyze large datasets, had a security problem in versions before 1.6.3-alpha where it exposed sensitive information. Specifically, the tool returned raw error messages to users and leaked login tokens (credentials that prove who you are) in responses shown on the screen and in token rotation output (the process of replacing old credentials with new ones).
Solution / Mitigation
This issue has been patched in version 1.6.3-alpha. Users should upgrade to this version or later.
Vulnerability Details
5.3(medium)
EPSS: 0.0%
Classification
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-28675
First tracked: March 6, 2026 at 03:07 AM
Classified by LLM (prompt v3) · confidence: 85%