CVE-2026-31231CRITICAL 9.8EPSS p45.6%

CVE-2026-31231CVE-2026-31231

Description

Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the user, but it does so using the unsafe exec() function without any sandboxing, validation, or security controls. An attacker can exploit this by sending a specially crafted POST request containing malicious Python code to the execution endpoint. This leads to arbitrary code execution on the Cognee server with the privileges of the server process, allowing complete compromise of the system.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.64% probability of exploitation · percentile 45.6% · 2026-06-18T12:00:27Z
Published2026-05-12
Last modified2026-05-15

Underlying weaknesses· 1

CWE-94

References

  1. https://github.com/topoteretes/cognee
  2. https://www.notion.so/CVE-2026-31231-35d1e13931888178a963ef9efeb29113

1

TypeTargetConfidenceTier
WeaknessImproper Control of Generation of Code ('Code Injection')cwe-940%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-45672
CVE
CVE-2026-31236
CVE
CVE-2026-41507
CVE
CVE-2026-35002
CVE
CVE-2026-0770
CVE
CVE-2026-2275
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.