Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.8
OpenSift: Data Loss or Corruption on Older Versions
CVE-2026-27189
Summary
Using OpenSift versions 1.1.2-alpha or earlier can lead to data loss or corruption, especially when multiple people access and update the same data at the same time. This is because the tool doesn't properly manage changes to the data, causing updates to be lost or corrupted. Update to version 1.1.3-alpha to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| opensift | opensift | <= 1.1.3 | – |
Original title
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below, use non-atomic and insufficiently synchronized local JSON per...
Original description
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below, use non-atomic and insufficiently synchronized local JSON persistence flows, potentially causing concurrent operations to lose updates or corrupt local state across sessions/study/quiz/flashcard/wellness/auth stores. This issue has been fixed in version 1.1.3-alpha.
nvd CVSS3.1
5.8
Vulnerability type
CWE-362
Race Condition
CWE-367
- https://github.com/OpenSift/OpenSift/releases/tag/v1.1.3-alpha Product Release Notes
- https://github.com/OpenSift/OpenSift/security/advisories/GHSA-3pmp-j953-whxq Vendor Advisory
Published: 21 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026