CVE Catalog

CVE-2026-31231

Critical
Published: Translated: NVD NIST

Summary

Cognee up to version 0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint executes arbitrary Python code provided by the user using the unsafe exec() function without any sandboxing, validation, or security controls.

Risk Assessment

An attacker can exploit this vulnerability by sending a specially crafted POST request containing malicious Python code to the execution endpoint, leading to arbitrary code execution on the Cognee server with the privileges of the server process, allowing complete compromise of the system.

Recommendation

It is recommended to update to the latest version of Cognee that fixes this vulnerability and to implement additional security measures such as validation and sandboxing for executed code.

Original NVD description (English source)

Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the user, but it does so using the unsafe exec() function without any sandboxing, validation, or security controls. An attacker can exploit this by sending a specially crafted POST request containing malicious Python code to the execution endpoint. This leads to arbitrary code execution on the Cognee server with the privileges of the server process, allowing complete compromise of the system.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS