Cognee Remote Code Execution Vulnerability in Notebook Cell Execution API

Vulnerability

A critical remote code execution vulnerability exists in Cognee versions through 0.4.0, specifically within its notebook cell execution API endpoint. This endpoint allows users to execute arbitrary Python code, but it does so using the unsafe exec() function without any sandboxing, validation, or security controls. An attacker can exploit this vulnerability by sending a specially crafted POST request with malicious Python code, leading to arbitrary code execution on the Cognee server with the privileges of the server process, thereby compromising the entire system.
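The pattern described above, request-supplied code reaching exec() inside an HTTP handler, is something a reviewer or CI job can flag statically. The following is an added example, not Cognee's code: an AST check that reports exec()/eval() calls inside route-decorated functions. The route path, parameter names and decorator names in the embedded sample source are assumptions, not taken from Cognee.

```python
"""Added example (not Cognee's code): flag exec()/eval() calls that sit
inside HTTP route handlers, the anti-pattern behind this advisory."""
import ast

DANGEROUS_CALLS = {"exec", "eval"}
# Decorator attribute names used by common Python web frameworks (assumed list)
ROUTE_DECORATORS = {"get", "post", "put", "delete", "route", "api_route"}

# Constructed sample source mirroring the advisory's anti-pattern; the
# endpoint path and payload field are assumptions, not Cognee's real code.
SAMPLE_SOURCE = '''
@router.post("/notebooks/{notebook_id}/cells/{cell_id}/run")
async def run_cell(notebook_id: str, cell_id: str, payload: CellPayload):
    exec(payload.code)          # request-controlled code reaches exec()
    return {"status": "ok"}

@router.get("/health")
async def health():
    return {"ok": True}

def helper(expr):
    return eval(expr)           # not a route handler, so not reported here
'''


def _is_route_decorator(dec):
    """True for decorators such as @app.post(...) or @router.route(...)."""
    target = dec.func if isinstance(dec, ast.Call) else dec
    return isinstance(target, ast.Attribute) and target.attr in ROUTE_DECORATORS


def find_dynamic_exec_in_handlers(source):
    """Return (function_name, line, call_name) for every exec()/eval() call
    that appears inside a function decorated as an HTTP route handler."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        if not any(_is_route_decorator(d) for d in node.decorator_list):
            continue
        for sub in ast.walk(node):
            if (isinstance(sub, ast.Call) and isinstance(sub.func, ast.Name)
                    and sub.func.id in DANGEROUS_CALLS):
                findings.append((node.name, sub.lineno, sub.func.id))
    return findings


if __name__ == "__main__":
    for fn, line, call in find_dynamic_exec_in_handlers(SAMPLE_SOURCE):
        print(f"{fn}:{line}: {call}() reachable from an HTTP route handler")
```

A hit from this check is a design finding, not something to patch with input validation: code execution endpoints need authentication, authorization and execution outside the server process, or should not be exposed at all.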

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the server where Cognee is running, with the same privileges as the server process. This could lead to a complete compromise of the system.

Added: May 12, 2026, 6:32 PM
Updated: May 12, 2026, 6:32 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 8.1
remediation: 0.0
relevance: 7.7
threat: 3.2
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.