What is CVE-2026-27169?

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below render untrusted user/model content in chat tool UI surfaces usin...

How severe is CVE-2026-27169?

CVE-2026-27169 is rated high severity with a CVSS score of 8.9 out of 10.

What products are affected by CVE-2026-27169?

CVE-2026-27169 affects Opensift Opensift. Check vendor advisories for specific affected versions.

How do I fix CVE-2026-27169?

The vendor has published a patch — see the "Vendor Patch" link in the references section. If you cannot patch immediately, review mitigation guidance in this advisory and monitor for exploitation attempts.

OpenSift stored XSS in chat UI (CVE-2026-27169)

Vendor-confirmed - CVE-2026-27169 is a high stored XSS vulnerability in OpenSift versions 1.1.2-alpha and earlier that lets an attacker inject malicious scripts into study materials, hijacking victim sessions, stealing cookies, and modifying or deleting personal data. Update to version 1.1.3-alpha immediately.

Overview

A significant security vulnerability has been identified in OpenSift, an AI-powered study tool. This flaw allows for Cross-Site Scripting (XSS) attacks, where malicious code can be injected into the application and executed in a user’s browser.

Vulnerability Details

In OpenSift versions 1.1.2-alpha and earlier, the chat interface does not properly sanitize user-supplied content. When the application displays study materials, quizzes, or flashcards that contain hidden malicious code, that code can execute in the viewer’s browser session. This is a “stored” XSS vulnerability, meaning the harmful payload is saved within the application (e.g., in a shared study set) and triggers whenever that content is viewed.

Impact

The severity of this vulnerability is rated as HIGH (CVSS score: 8.9). An attacker could exploit this by creating or manipulating study content with embedded malicious scripts. When a victim-such as another student or a teacher-views this content while logged in, the script executes in their browser within the context of their OpenSift session. This could allow the attacker to:

Perform actions on behalf of the victim without their consent.
Steal session cookies or authentication tokens.
Access, modify, or delete the victim’s study data and personal information within the app.
Redirect the user to malicious websites.

Affected Versions

OpenSift version 1.1.2-alpha and all earlier versions.

Remediation and Mitigation

The issue has been addressed by the maintainers. Immediate action is required.

Primary Action - Upgrade:

Upgrade to OpenSift version 1.1.3-alpha or later immediately. This version contains the necessary fixes to properly sanitize content and prevent this attack.

If Immediate Upgrade is Not Possible:

Audit Content: Review and monitor user-generated study sets, quizzes, and flashcards for suspicious content, particularly those containing HTML or JavaScript-like code.
User Awareness: Advise users to be cautious when accessing shared study content from untrusted sources within the platform.
Network Controls: Consider implementing web application firewall (WAF) rules designed to block common XSS payloads. This is a temporary mitigation, not a permanent fix.

Verification: After upgrading, confirm that user-generated content in chat and study interfaces is displayed as plain text or properly escaped HTML, and does not execute as code in the browser.

Reference: CVE-2026-27169

OpenSift stored XSS in chat UI (CVE-2026-27169)

Overview

Vulnerability Details

Impact

Affected Versions

Remediation and Mitigation

Never miss a critical vulnerability

Related Advisories

Overview

Vulnerability Details

Impact

Affected Versions

Remediation and Mitigation

Never miss a critical vulnerability

Related Advisories

Never Miss a Critical Alert