Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2026-31231: Cognee thru v0.4.0: Remote Code Execution via Notebook Cell
CVE-2026-31231
Summary
An attacker can execute malicious code on the Cognee server by sending a specially crafted request. This could lead to the complete compromise of the system. Update Cognee to a version after v0.4.0 to fix this vulnerability.
Original title
Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the use...
Original description
Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the user, but it does so using the unsafe exec() function without any sandboxing, validation, or security controls. An attacker can exploit this by sending a specially crafted POST request containing malicious Python code to the execution endpoint. This leads to arbitrary code execution on the Cognee server with the privileges of the server process, allowing complete compromise of the system.
Vulnerability type
CWE-94
Code Injection
Published: 12 May 2026 · Updated: 30 May 2026 · First seen: 13 May 2026