Cyber Posture

CVE-2026-27170

High

Published: 21 February 2026

Published
21 February 2026
Modified
23 February 2026
KEV Added
Patch
CVSS Score 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
EPSS Score 0.0007 20.7th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-27170 is a high-severity Improper Input Validation (CWE-20) vulnerability in Opensift Opensift. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Network Service Discovery (T1046); ranked at the 20.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Other AI Platforms.

Threat & Defense at a Glance

What attackers do: exploitation maps to Network Service Discovery (T1046) and 2 other techniques.
Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

SI-10 Information Input Validation
addresses: CWE-20 CWE-918

Directly implements checks on information inputs to reject invalid data before processing.

CA-8 Penetration Testing
addresses: CWE-918

Penetration testing attempts server-side requests to internal resources, identifying SSRF weaknesses for remediation.

PM-14 Testing, Training, and Monitoring
addresses: CWE-20

Security testing and developer training directly verify and enforce proper input validation, reducing exploitability of injection and malformed-data weaknesses.

SA-11 Developer Testing and Evaluation
addresses: CWE-20

Security testing and evaluation at multiple SDLC stages directly detects missing or flawed input validation, with the required remediation process ensuring fixes are applied.

SC-7 Boundary Protection
addresses: CWE-918

Outbound connections to external resources can be monitored and limited at the boundary, reducing SSRF impact.

SI-4 System Monitoring
addresses: CWE-918

Detects server-side request forgery through monitoring of unexpected outbound connections.

SI-8 Spam Protection
addresses: CWE-20

Spam protection mechanisms perform filtering and detection on inbound/outbound messages, directly compensating for missing or weak input validation of unsolicited content.

MITRE ATT&CK Enterprise TechniquesAI

T1046 Network Service Discovery Discovery
Adversaries may attempt to get a listing of services running on remote hosts and local network infrastructure devices, including those that may be vulnerable to remote software exploitation.
attack.mitre.org →
T1018 Remote System Discovery Discovery
Adversaries may attempt to get a listing of other systems by IP address, hostname, or other logical identifier on a network that may be used for Lateral Movement from the current system.
attack.mitre.org →
T1082 System Information Discovery Discovery
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
attack.mitre.org →
Why these techniques?

SSRF (CWE-918) directly enables internal network probing and reconnaissance of private/local services and systems from the server process, mapping to network/system discovery techniques.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavior and can be coerced into requesting unsafe targets. Potential access/probing…

more

of private/local network resources from the OpenSift host process when ingesting attacker-controlled URLs. This issue has been fixed in version 1.1.3-alpha. To workaround when using trusted local-only exceptions, use OPENSIFT_ALLOW_PRIVATE_URLS=true with caution.

Deeper analysisAI

CVE-2026-27170 affects OpenSift, an AI study tool that processes large datasets via semantic search and generative AI. In versions 1.1.2-alpha and prior, the URL ingest feature exhibits overly permissive server-side fetch behavior, allowing coercion into requesting unsafe targets. This enables potential access or probing of private or local network resources directly from the OpenSift host process when processing attacker-controlled URLs. The vulnerability is classified under CWE-20 (Improper Input Validation) and CWE-918 (Server-Side Request Forgery), with a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).

An attacker with low privileges, such as an authenticated user, can exploit this over the network with low complexity and no user interaction required. By supplying malicious URLs during ingestion, they can compel the OpenSift server to fetch resources from internal private networks or local services, achieving high confidentiality impact through unauthorized data access or reconnaissance, alongside low integrity impact.

The issue is addressed in OpenSift version 1.1.3-alpha. For mitigation, practitioners should upgrade immediately. As a cautious workaround for trusted local-only exceptions, set the environment variable OPENSIFT_ALLOW_PRIVATE_URLS=true. Additional details are available in the GitHub release notes at https://github.com/OpenSift/OpenSift/releases/tag/v1.1.3-alpha and the security advisory at https://github.com/OpenSift/OpenSift/security/advisories/GHSA-3w2r-hj5p-h6pp.

Details

CWE(s)
CWE-20CWE-918

Affected Products

opensift
opensift
≤ 1.1.3

AI Security AnalysisAI

AI Category
Other AI Platforms
Risk Domain
N/A
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ai, generative ai

CVEs Like This One

CVE-2026-28677Same product: Opensift Opensift
CVE-2026-27169Same product: Opensift Opensift
CVE-2026-28676Same product: Opensift Opensift
CVE-2026-41271Shared CWE-918
CVE-2026-26322Shared CWE-918
CVE-2026-35486Shared CWE-918
CVE-2026-33990Shared CWE-918
CVE-2026-30834Shared CWE-918
CVE-2026-4231Shared CWE-918
CVE-2026-28451Shared CWE-918

References