CVE-2026-28676
Published: 06 March 2026
Summary
CVE-2026-28676 is a high-severity Path Traversal (CWE-22) vulnerability in OpenSift (vendor: Opensift). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It ranks at the 23.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as Machine Learning Libraries.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly requires validation of user-supplied path inputs in storage helpers to enforce base-directory containment and block path injection attacks.
- SI-2 (Flaw Remediation): mandates timely identification, reporting, and patching of software flaws such as this path injection vulnerability in OpenSift.
- File system access controls: restrict unauthorized read, write, or delete operations outside the intended base directory even if path traversal succeeds.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal (CWE-22) in a network-accessible application directly enables arbitrary file read (T1005), file deletion (T1070.004), file write for tool ingress (T1105), and exploitation of the vulnerable public-facing service (T1190).
NVD Description
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file read/write/delete flows if malicious path-like values were introduced. This issue has been patched in version 1.6.3-alpha.
Deeper analysis
CVE-2026-28676 is a path injection vulnerability (CWE-22) affecting OpenSift, an AI study tool that processes large datasets via semantic search and generative AI. In versions prior to 1.6.3-alpha, multiple storage helpers employed path construction patterns that failed to consistently enforce base-directory containment. This flaw exposed file read, write, and delete operations to path-injection risks when malicious path-like inputs were supplied. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
An authenticated attacker with low privileges (PR:L) can exploit this over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation allows arbitrary file read, write, or delete operations outside the intended base directory, potentially leading to high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H).
The issue was addressed in OpenSift version 1.6.3-alpha, as detailed in the project's GitHub security advisory (GHSA-ww4m-c7hv-2rqv), release notes, pull request #67, and fixing commits (1126e0a503876056a68a434e19f64158a5a4840b and de99b9c). Security practitioners should upgrade to at least 1.6.3-alpha to mitigate the risk.
Because OpenSift is an AI-powered tool for dataset analysis, this vulnerability highlights the path traversal risk in AI/ML workflows that pass user-supplied inputs to storage operations. No public evidence of real-world exploitation has been reported.
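The base-directory containment that the SI-10 control and the analysis above call for can be checked with a small helper. The following is an added illustration, not OpenSift's own code: the function names, the `BASE_DIR` value and the sample inputs are hypothetical, and the "unsafe" helper reproduces the general join-without-containment pattern rather than any specific OpenSift routine.

```python
"""Base-directory containment for a storage helper (hypothetical example)."""
import os
from pathlib import Path, PurePosixPath

# Constructed storage root for the example; it does not need to exist,
# because Path.resolve() tolerates missing components.
BASE_DIR = "/var/lib/opensift_example_store"


class PathContainmentError(ValueError):
    """Raised when a user-supplied path would escape the storage base."""


def unsafe_storage_path(base_dir: str, user_path: str) -> str:
    """The vulnerable pattern: join with no containment check.

    os.path.join discards base_dir entirely when user_path is absolute, and
    '..' segments pass through untouched, so the result can leave base_dir.
    """
    return os.path.join(base_dir, user_path)


def safe_storage_path(base_dir: str, user_path: str) -> Path:
    """The hardened pattern: resolve, then verify the result is inside base_dir."""
    base = Path(base_dir).resolve()
    # Absolute inputs never name a file *inside* the base; reject them up front.
    if PurePosixPath(user_path).is_absolute() or Path(user_path).is_absolute():
        raise PathContainmentError(f"absolute path rejected: {user_path!r}")
    # Resolving collapses '..' and follows symlinks; the base is resolved the
    # same way so the comparison is between canonical paths.
    candidate = (base / user_path).resolve()
    # Require a strict descendant: the base itself is not a valid file target.
    if base not in candidate.parents:
        raise PathContainmentError(f"path escapes base directory: {user_path!r}")
    return candidate


def is_contained(base_dir: str, user_path: str) -> bool:
    """True only when user_path resolves to a file strictly inside base_dir."""
    try:
        safe_storage_path(base_dir, user_path)
        return True
    except PathContainmentError:
        return False
```

The check must run on the resolved path, not on the raw string: a prefix test on `base_dir + user_path` would still accept `../` sequences and symlinked escapes.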
Details
- CWE(s): CWE-22 (Path Traversal)
- Affected Products: OpenSift (Opensift), versions prior to 1.6.3-alpha
AI Security Analysis
- AI Category: Machine Learning Libraries
- Risk Domain: N/A
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: ai, generative ai