Browse all 6 CVE security advisories affecting OpenSift. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-28677 | OpenSift: Insufficient URL destination restrictions in ingest flow could enable SSRF-style internal access | OpenSift | CWE-918 | 8.2 | High | 2026-03-06 |
| CVE-2026-28676 | OpenSift: Insufficient path containment checks in storage helpers could allow path traversal-style file operations | OpenSift | CWE-22 | 8.8 | High | 2026-03-06 |
| CVE-2026-28675 | OpenSift: Sensitive implementation details exposed via raw exception messages and token-returning endpoints | OpenSift | CWE-200 | 5.3 | Medium | 2026-03-06 |
| CVE-2026-27189 | OpenSift: Race-prone local persistence could cause state corruption/loss | OpenSift | CWE-367 | 6.6 | Medium | 2026-02-21 |
| CVE-2026-27170 | OpenSift: SSRF risk in URL ingestion endpoint | OpenSift | CWE-20 | 7.1 | High | 2026-02-20 |
| CVE-2026-27169 | OpenSift: Persistent XSS Chat Tool Rendering | OpenSift | CWE-79 | 8.9 | High | 2026-02-20 |
This page lists every published CVE security advisory associated with OpenSift. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.