OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers u…

OpenSift, an AI study tool for dataset analysis using semantic search and generative AI, contains a path injection vulnerability in versions prior to 1.6.3-alpha. The vulnerability exists in multiple storage helpers that use path construction patterns without proper base-directory containment enforcement. This creates path-injection risks in file read/write/delete operations when malicious path-like values are introduced. The issue has been patched in version 1.6.3-alpha with proper path validation controls.