External risk intelligence

A flaw in Cognee allows attackers to take over your systems by sending malicious code.

CVE advisory

Severity: CRITICAL (CVSS 9.8)

CVE-2026-31231

Cognee versions before 0.4.0 have a critical flaw in their code execution feature that lets attackers run any command on your server remotely and take complete control. Act now to protect your systems.

Halo Surface Signal: 4

Code Injection

External exposure likelihood

Halo Surface Signal score for CVE-2026-31231

The vulnerability exists in a notebook cell execution API endpoint. As a service designed to process user-submitted code, this API is typically deployed as an externally reachable network service or web-facing component, making it accessible to any party with network connectivity to the application server.

Horizon Alert

Summary of the vulnerability and why it matters

This vulnerability allows attackers to run malicious code on the Cognee server without needing any special access. The system's notebook cell execution feature uses an unsafe method to run user-provided Python code, meaning any code submitted through this API can be executed with full server privileges. This could lead to a complete compromise of the affected systems.

  • Allows remote code execution.
  • Compromise of the entire server.
  • No user interaction needed.

Attack Path

How an attacker could exploit the issue

An unauthenticated attacker can exploit this critical vulnerability by sending a crafted POST request to the notebook cell execution API endpoint. The request carries attacker-supplied Python code, which the API passes to `exec()` without sandboxing or validation. Successful exploitation gives the attacker arbitrary code execution on the server with the privileges of the running process, leading to a full system compromise.

  • No authentication required.
  • Targets notebook cell execution API.
  • Exploits unsafe `exec()` function.

Live Threat

Current exploitation, exposure, and threat context

This critical vulnerability in Cognee's notebook cell execution API allows for remote code execution by sending a specially crafted POST request. Attackers would likely find this attractive due to the direct path to arbitrary code execution on the server without requiring any prior authentication or user interaction. The lack of sandboxing or security controls makes exploitation straightforward for any attacker able to reach the API endpoint.

  • No known exploitation in the wild.
  • No public exploit available.
  • Vulnerability is recent.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize isolating or taking offline services running Cognee through v0.4.0 due to a critical remote code execution vulnerability. The absence of sandboxing for code execution makes any interaction with this endpoint a high-risk event, potentially leading to full system compromise.

  • Block external access to the Cognee API.
  • Monitor logs for suspicious API requests.
  • Upgrade Cognee to a patched version when available.
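As an added example (not from the advisory or the Cognee project), the two monitoring bullets above turned into a check over web-server access logs: it flags every POST that reached the cell execution route and separates requests from outside the internal address ranges, which are the ones the "block external access" action should have stopped. The route path `/api/v1/notebooks/run-cell`, the internal prefixes and the log lines are assumptions or constructed samples, since the advisory names none of them.

```python
import ipaddress
import re
# Placeholder route: the advisory does not name the real Cognee path, so
# substitute the cell execution endpoint your deployment actually exposes.
CELL_EXEC_PATH = "/api/v1/notebooks/run-cell"

# Address ranges treated as "inside"; extend with your own VPN/VPC prefixes.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Common Log Format: src ident user [time] "METHOD path proto" status size
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def is_internal(src: str) -> bool:
    """True when src falls in INTERNAL_NETS; hostnames and garbage are external."""
    try:
        ip = ipaddress.ip_address(src)
    except ValueError:
        return False
    return any(ip in net for net in INTERNAL_NETS)

def scan_access_log(lines):
    """Return (time, src, status, external) for every POST that reached the cell
    execution route; query strings and trailing slashes are stripped first."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        path = m["path"].split("?", 1)[0].rstrip("/")
        if path != CELL_EXEC_PATH:
            continue
        hits.append((m["time"], m["src"], int(m["status"]), not is_internal(m["src"])))
    return hits

def external_hits(lines):
    """High-priority subset: POSTs to the route from outside INTERNAL_NETS."""
    return [h for h in scan_access_log(lines) if h[3]]

# Constructed sample lines (not real traffic): 10.0.0.5 is an internal client;
# 203.0.113.x / 198.51.100.x are documentation ranges standing in for externals.
SAMPLE_LOG = [
    '10.0.0.5 - - [02/Apr/2026:10:00:01 +0000] "GET /api/v1/notebooks HTTP/1.1" 200 512',
    '10.0.0.5 - - [02/Apr/2026:10:00:07 +0000] "POST /api/v1/notebooks/run-cell HTTP/1.1" 200 88',
    '203.0.113.44 - - [02/Apr/2026:10:01:12 +0000] "POST /api/v1/notebooks/run-cell/ HTTP/1.1" 200 91',
    '203.0.113.44 - - [02/Apr/2026:10:01:13 +0000] "POST /api/v1/notebooks/run-cell?x=1 HTTP/1.1" 500 0',
    '198.51.100.9 - - [02/Apr/2026:10:02:00 +0000] "GET /api/v1/notebooks/run-cell HTTP/1.1" 405 0',
]
```

Run `external_hits(SAMPLE_LOG)` to see the two external POSTs (one of which returned 500, which is still worth investigating since the code reached `exec()` before failing); internal hits are kept as well so that a blocked endpoint still receiving inside traffic is visible.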

Frequently asked questions

What is Cognee v0.4.0 and what is it used for?

Cognee is a software tool; versions up to 0.4.0 are affected by this vulnerability. It includes a notebook cell execution API whose purpose is to run arbitrary Python code provided by users.

What kind of vulnerability does CVE-2026-31231 represent in Cognee?

CVE-2026-31231 is a critical remote code execution vulnerability. It falls under weakness class CWE-94, Improper Control of Generation of Code (Code Injection). This means an attacker can make the software generate and execute code that was not intended.

How can an attacker exploit the CVE-2026-31231 vulnerability?

An attacker can exploit this by sending a specially crafted POST request containing malicious Python code to Cognee's notebook cell execution API. The vulnerability is triggered because the `exec()` function is used without any security measures like sandboxing or validation.

Who should be concerned about CVE-2026-31231?

Organizations using Cognee through version 0.4.0 should be concerned. Halo classifies this as an external threat because the notebook cell execution API is typically internet-facing, meaning it can be reached by attackers over the network.

What is the first step to address CVE-2026-31231 in Cognee?

The immediate first step is to isolate or take offline any services running Cognee versions up to 0.4.0. Blocking external access to the Cognee API endpoint is recommended due to the high risk of system compromise.
