VYPR
Unrated severityNVD Advisory· Published Mar 6, 2026· Updated Mar 9, 2026

OpenSift: Sensitive implementation details exposed via raw exception messages and token-returning endpoints

CVE-2026-28675

Description

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, some endpoints returned raw exception strings to clients. Additionally, login token material was exposed in UI/rendered responses and token rotation output. This issue has been patched in version 1.6.3-alpha.

Affected products

1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.