CVE-2026-27169
Published: 21 February 2026
Summary
CVE-2026-27169 is a high-severity Cross-site Scripting (CWE-79) vulnerability in the OpenSift AI study tool. Its CVSS base score is 8.9 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique JavaScript (T1059.007). The vulnerability sits at the 6.2 percentile for exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related and is categorised as Machine Learning Libraries.
The strongest mitigations our analysis identified are NIST 800-53 SI-15 (Information Output Filtering) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-15 directly addresses unsafe HTML interpolation by requiring filtering of untrusted user/model content prior to rendering in UI surfaces to block XSS script execution.
SI-10 validates information inputs from users or AI models before storage in study/quiz/flashcard content, preventing injection of malicious XSS payloads.
SI-2 ensures timely flaw remediation by applying the specific XSS fix released in OpenSift version 1.1.3-alpha.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Stored XSS enables arbitrary JavaScript execution in authenticated browser sessions (T1059.007), directly supporting browser session hijacking (T1185) and web session cookie theft (T1539). The web app context with user-generated tainted content also facilitates drive-by compromise against victims viewing the content (T1189).
NVD Description
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below render untrusted user/model content in chat tool UI surfaces using unsafe HTML interpolation patterns, leading to XSS. Stored content can execute JavaScript when later viewed in authenticated sessions. An attacker who can influence stored study/quiz/flashcard content could trigger script execution in a victim’s browser, potentially performing actions as that user in the local app session. This issue has been fixed in version 1.1.3-alpha.
Deeper analysis
CVE-2026-27169 is a cross-site scripting (XSS) vulnerability affecting OpenSift, an AI study tool that uses semantic search and generative AI to process large datasets. Versions 1.1.2-alpha and below render untrusted user or model-generated content in chat tool UI surfaces via unsafe HTML interpolation patterns. This improper encoding (CWE-116, CWE-79) allows stored content to execute arbitrary JavaScript when viewed in authenticated sessions. The vulnerability was published on 2026-02-21 and carries a CVSS v3.1 base score of 8.9 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L).
An attacker requires low privileges (PR:L) to influence stored study, quiz, or flashcard content, such as by injecting malicious payloads via user inputs or AI-generated outputs. Exploitation occurs over the network (AV:N) with low complexity when a victim with an authenticated session views the tainted content, requiring user interaction (UI:R). Successful attacks trigger JavaScript execution in the victim's browser with changed scope (S:C), enabling high-impact actions like data exfiltration (C:H), session manipulation (I:H), or limited disruption (A:L) as the victim within the local app session.
The issue is fixed in OpenSift version 1.1.3-alpha. Mitigation details are available in the GitHub release notes at https://github.com/OpenSift/OpenSift/releases/tag/v1.1.3-alpha and the security advisory at https://github.com/OpenSift/OpenSift/security/advisories/GHSA-qrpx-7cmv-5gv5, which practitioners should review for upgrade instructions and any interim workarounds.
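The unsafe interpolation pattern described in the analysis above and targeted by the SI-15 control, as an added example that is not OpenSift's code: a stored flashcard rendered first with raw string interpolation and then with output encoding, plus a regression check for UI templates. The card content, field names and function names are constructed for the illustration.

```javascript
// Added example, not OpenSift's code: the "unsafe HTML interpolation" pattern the
// advisory describes, beside an output-encoding fix in the spirit of NIST SI-15.
// Rendering is modelled as "build an HTML string" so it runs without a DOM; in the
// browser that string is what would be assigned to element.innerHTML.

// Constructed sample: a stored flashcard whose answer was influenced by an
// attacker, either directly or via a model that echoed attacker-supplied text.
const storedCard = {
  question: "What does HTML stand for?",
  answer: 'HyperText Markup Language <img src=x onerror="alert(1)">',
};

// Vulnerable pattern: untrusted fields dropped straight into markup.
// Assigned to innerHTML, the <img> tag and its onerror handler become live DOM
// and the script runs for every authenticated user who views the card.
function renderCardUnsafe(card) {
  return `<div class="card"><p class="q">${card.question}</p>` +
         `<p class="a">${card.answer}</p></div>`;
}

// Hardened pattern: encode the HTML-significant characters before the value
// is treated as markup, so the payload is displayed as literal text.
// (The DOM-API equivalent is element.textContent = value, never innerHTML.)
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}
function renderCardSafe(card) {
  return `<div class="card"><p class="q">${escapeHtml(card.question)}</p>` +
         `<p class="a">${escapeHtml(card.answer)}</p></div>`;
}

// Regression check for UI templates: after removing the tags the renderer itself
// emits, any remaining "<" followed by a letter, "!" or "/" is a tag that came
// from the data. A defence-in-depth test, not a substitute for encoding.
function hasUnexpectedTags(html) {
  const leftover = html.replace(/<\/?(div|p)\b[^>]*>/g, "");
  return /<[a-z!\/]/i.test(leftover);
}

// Usage: compare what each renderer would hand to the browser.
console.log(hasUnexpectedTags(renderCardUnsafe(storedCard))); // true
console.log(hasUnexpectedTags(renderCardSafe(storedCard)));   // false
```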
AI Security Analysis
- AI Category: Machine Learning Libraries
- Risk Domain: N/A
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: ai, generative ai