PT-2026-21331 · Openshift · Openshift

Mdavistffhrtporg

·

Publicado

2026-02-21

·

Atualizado

2026-02-21

·

CVE-2026-27189

CVSS v3.1

6.6

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
Name of the Vulnerable Software and Affected Versions OpenSift versions 1.1.2-alpha and below
Description OpenSift, an AI study tool, uses non-atomic and insufficiently synchronized local JSON persistence flows in versions 1.1.2-alpha and earlier. This can lead to concurrent operations losing updates or corrupting local state across sessions, impacting study, quiz, flashcard, wellness, and authentication stores.
Recommendations Update to version 1.1.3-alpha or later.

Exploit

Correção

Time Of Check To Time Of Use

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-367CWE-362

Identificadores relacionados

CVE-2026-27189
GHSA-3PMP-J953-WHXQ

Produtos afetados

Openshift