Description
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavior and can be coerced into requesting unsafe targets. Potential access/probing of private/local network resources from the OpenSift host process when ingesting attacker-controlled URLs. This issue has been fixed in version 1.1.3-alpha. To workaround when using trusted local-only exceptions, use OPENSIFT_ALLOW_PRIVATE_URLS=true with caution.
Published: 2026-02-20
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Server‑side request forgery that can expose private network resources
Action: Apply patch
AI Analysis

Impact

OpenSift’s URL ingestion endpoint accepts user‑supplied URLs and fetches them unfiltered, enabling a server‑side request forgery vulnerability. An attacker that can supply a crafted URL can cause the OpenSift host process to contact internal or private network addresses, potentially exposing confidential data or services. The flaw is rooted in improper input validation (CWE‑20) and classic SSRF behavior (CWE‑918).

Affected Systems

The issue affects OpenSift, a semantic‑search and generative‑AI study tool. Versions 1.1.2‑alpha and earlier are vulnerable. The problem was corrected in 1.1.3‑alpha. No other versions are reported as affected.

Risk and Exploitability

The CVSS score of 7.1 indicates moderate‑to‑high severity, while the EPSS of less than 1% suggests a low current exploitation likelihood. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to reach the OpenSift ingestion endpoint with a malicious URL; the host process then performs the request without any check on the destination. If the endpoint is publicly reachable or accessible from untrusted networks, the path to internal resources is straightforward and does not require privileged credentials on the host. The official remediation is to upgrade to 1.1.3‑alpha or later. As an insecure workaround, the environment variable OPENSIFT_ALLOW_PRIVATE_URLS=true can be set to permit trusted private URLs, but it must be used with caution because it re‑introduces the SSRF risk for every incoming URL.
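A destination check of the kind the fix needs, added here as an illustration and not OpenSift's own code: it takes only the OPENSIFT_ALLOW_PRIVATE_URLS variable from the advisory, and the resolver hook is a hypothetical parameter so the check can be exercised offline with constructed answers.

```python
import ipaddress
import os
import socket
from urllib.parse import urlsplit

# Hypothetical validator (not OpenSift's code): decide whether a user-supplied
# ingest URL may be fetched server-side. Only the env var name is from the advisory.

def _is_public(addr) -> bool:
    """True only for globally routable unicast addresses."""
    mapped = getattr(addr, "ipv4_mapped", None)   # ::ffff:127.0.0.1 -> 127.0.0.1
    if mapped is not None:
        addr = mapped
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)

def resolve_all(host: str) -> list:
    """Default resolver: every address the name currently maps to, as strings."""
    infos = socket.getaddrinfo(host, None, type=socket.SOCK_STREAM)
    return [info[4][0] for info in infos]

def is_safe_ingest_url(url: str, resolver=resolve_all, env=None) -> bool:
    """Allow only http(s) to public addresses, unless the operator opted in
    with OPENSIFT_ALLOW_PRIVATE_URLS=true (the advisory's workaround)."""
    env = os.environ if env is None else env
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False                       # file://, gopher://, ftp:// are never fetched
    if env.get("OPENSIFT_ALLOW_PRIVATE_URLS", "").lower() == "true":
        return True                        # trusted local-only exception (explicit opt-in)
    try:
        addrs = [ipaddress.ip_address(parts.hostname)]   # IP literal, incl. [::1]
    except ValueError:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolver(parts.hostname)]
        except (socket.gaierror, OSError, ValueError):
            return False                   # unresolvable or malformed answer: fail closed
    # Every resolved address must be public; one private record is enough to reject.
    return bool(addrs) and all(_is_public(a) for a in addrs)
```

The fetch itself must then connect to the address that was checked (or re-run the check on every redirect hop), otherwise a name that changes between check and request bypasses the validation.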

Generated by OpenCVE AI on April 18, 2026 at 11:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenSift to version 1.1.3‑alpha or newer to eliminate the SSRF flaw
  • If using trusted private URLs, set OPENSIFT_ALLOW_PRIVATE_URLS=true but enable only after verifying the URLs are safe and monitor for malicious usage
  • Restrict access to the URL ingestion endpoint by applying network segmentation, firewall rules, or authentication to limit exposure to untrusted actors



Advisories

No advisories yet.

History

Wed, 25 Feb 2026 22:15:00 +0000

Type: Metrics | Values Removed: (none) | Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 23 Feb 2026 21:00:00 +0000

Type: CPEs | Values Removed: (none) | Values Added: cpe:2.3:a:opensift:opensift:*:*:*:*:*:python:*:*

Mon, 23 Feb 2026 15:00:00 +0000

Type: First Time appeared | Values Removed: (none) | Values Added: Opensift; Opensift opensift
Type: Vendors & Products | Values Removed: (none) | Values Added: Opensift; Opensift opensift

Sat, 21 Feb 2026 00:15:00 +0000

Type: Description | Values Removed: (none) | Values Added: OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavior and can be coerced into requesting unsafe targets. Potential access/probing of private/local network resources from the OpenSift host process when ingesting attacker-controlled URLs. This issue has been fixed in version 1.1.3-alpha. To workaround when using trusted local-only exceptions, use OPENSIFT_ALLOW_PRIVATE_URLS=true with caution.
Type: Title | Values Removed: (none) | Values Added: OpenSift: SSRF risk in URL ingestion endpoint
Type: Weaknesses | Values Removed: (none) | Values Added: CWE-20, CWE-918
Type: References | Values Removed: (none) | Values Added: (empty)
Type: Metrics | Values Removed: (none) | Values Added: cvssV3_1 {'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-25T21:26:30.324Z

Reserved: 2026-02-18T00:18:53.963Z

Link: CVE-2026-27170

Vulnrichment

Updated: 2026-02-25T21:26:26.188Z

NVD

Status: Analyzed

Published: 2026-02-21T00:16:16.980

Modified: 2026-02-23T20:50:25.223

Link: CVE-2026-27170

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T11:30:44Z

Weaknesses