AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-27189: OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-a

mediumvulnerability

security

Source: NVD/CVE DatabaseFebruary 20, 2026CVE-2026-27189

Summary

OpenSift is an AI study tool that uses semantic search (finding information based on meaning rather than exact keyword matches) and generative AI to analyze large datasets. Versions 1.1.2-alpha and earlier have a vulnerability where multiple operations happening at the same time can corrupt or lose data in local JSON files (a common data storage format), affecting study notes, quizzes, flashcards, and user accounts.

Solution / Mitigation

This issue has been fixed in version 1.1.3-alpha. Users should upgrade to version 1.1.3-alpha or later.

Vulnerability Details

CVSS Score

6.6(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Impact (CIA+S)

integrityavailability

AI Component TargetedFramework

Taxonomy References

CWE (Weakness Type)

CWE-362 CWE-367

CAPEC (Attack Pattern)

CAPEC-26 CAPEC-27

Affected Vendors

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-27189

First tracked: February 20, 2026 at 11:07 PM

Classified by LLM (prompt v3) · confidence: 85%