CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-28675

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, some endpoints returned raw exception strings to clients. Additionally, login token material was exposed in UI/rendered responses and token rotation output. This issue has been patched in version 1.6.3-alpha.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.1%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2026-28675

Opensift » Opensift » Version: 1.0.0

cpe:2.3:a:opensift:opensift:1.0.0
Opensift » Opensift » Version: 1.0.1

cpe:2.3:a:opensift:opensift:1.0.1
Opensift » Opensift » Version: 1.1.0

cpe:2.3:a:opensift:opensift:1.1.0
Opensift » Opensift » Version: 1.1.1

cpe:2.3:a:opensift:opensift:1.1.1
Opensift » Opensift » Version: 1.1.2

cpe:2.3:a:opensift:opensift:1.1.2
Opensift » Opensift » Version: 1.1.3

cpe:2.3:a:opensift:opensift:1.1.3
Opensift » Opensift » Version: 1.3.1

cpe:2.3:a:opensift:opensift:1.3.1
Opensift » Opensift » Version: 1.4.0

cpe:2.3:a:opensift:opensift:1.4.0
Opensift » Opensift » Version: 1.5.0

cpe:2.3:a:opensift:opensift:1.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-28675

Products

Pricing

Contact Us