Cyber Resilience

CVE-2026-28438

Medium

Published: 06 March 2026

Published
06 March 2026
Modified
10 March 2026
KEV Added
Patch
CVSS Score v4 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0028 19.8th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2026-28438 is a medium-severity SQL Injection (CWE-89) vulnerability in Cocoindex Cocoindex. Its CVSS base score is 6.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 19.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Data Processing Libraries; in the Data-Related Vulnerabilities risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-28438 is a SQL injection vulnerability (CWE-89) in CocoIndex, an open-source data transformation framework for AI applications. The issue affects the Doris target connector in versions prior to 0.3.34, where the connector fails to verify user-supplied table names before constructing ALTER TABLE SQL statements during target schema changes. This allows malicious input from untrusted upstream sources to inject arbitrary SQL, earning a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) due to its critical impact potential.

Any remote attacker with the ability to supply a table name from an untrusted upstream source can exploit this vulnerability over the network with low complexity, no privileges, and no user interaction required. Successful exploitation enables arbitrary SQL execution on the Doris backend, potentially leading to high confidentiality, integrity, and availability impacts, such as data exfiltration, modification, or denial of service during schema alteration operations.

The vulnerability has been addressed in CocoIndex version 0.3.34, as detailed in the project's security advisory (GHSA-59g6-v3vg-f7wc) and the patching commit (ba2fc4a89e22d35572c64bd2990737c7913b0729). Security practitioners should upgrade to the fixed version and review configurations for untrusted inputs in Doris connectors.

As a framework tailored for AI data pipelines, this flaw highlights risks in automated data transformation workflows where schema changes propagate unvalidated inputs to backend databases. No public evidence of real-world exploitation has been reported.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

CocoIndex is a data transformation framework for AI. Prior to version 0.3.34, the Doris target connector didn't verify the configured table name before creating some SQL statements (ALTER TABLE). So, in the application code, if the table name is provided…

more

by an untrusted upstream, it expose vulnerability to SQL injection when target schema change. This issue has been patched in version 0.3.34.

CWE(s)

AI Security AnalysisAI

AI Category
Data Processing Libraries
Risk Domain
Data-Related Vulnerabilities
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ai

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SQL injection in network-accessible data framework connector (AV:N, no auth) directly matches remote exploitation of public-facing application for arbitrary backend SQL execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-24956Shared CWE-89
CVE-2026-33615Shared CWE-89
CVE-2025-28939Shared CWE-89
CVE-2021-47872Shared CWE-89
CVE-2025-28873Shared CWE-89
CVE-2019-25636Shared CWE-89
CVE-2026-32611Shared CWE-89
CVE-2026-22687Shared CWE-89
CVE-2026-42755Shared CWE-89
CVE-2024-53544Shared CWE-89

Affected Assets

cocoindex
cocoindex
≤ 0.3.34

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation of untrusted inputs like table names before constructing SQL statements, preventing SQL injection in the Doris connector.

prevent

Mandates timely identification, reporting, and patching of flaws such as this SQL injection vulnerability, as demonstrated by the fix in CocoIndex 0.3.34.

preventdetect

Enables vulnerability scanning to identify SQL injection flaws in data transformation frameworks like CocoIndex and prompts remediation.

References