CVE-2026-28438
Published: 06 March 2026
Summary
CVE-2026-28438 is a critical-severity SQL Injection (CWE-89) vulnerability in Cocoindex Cocoindex. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 13.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as Other AI Platforms.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly requires validation of untrusted inputs like table names before constructing SQL statements, preventing SQL injection in the Doris connector.
Mandates timely identification, reporting, and patching of flaws such as this SQL injection vulnerability, as demonstrated by the fix in CocoIndex 0.3.34.
Enables vulnerability scanning to identify SQL injection flaws in data transformation frameworks like CocoIndex and prompts remediation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection in network-accessible data framework connector (AV:N, no auth) directly matches remote exploitation of public-facing application for arbitrary backend SQL execution.
NVD Description
CocoIndex is a data transformation framework for AI. Prior to version 0.3.34, the Doris target connector didn't verify the configured table name before creating some SQL statements (ALTER TABLE). So, in the application code, if the table name is provided…
more
by an untrusted upstream, it expose vulnerability to SQL injection when target schema change. This issue has been patched in version 0.3.34.
Deeper analysisAI
CVE-2026-28438 is a SQL injection vulnerability (CWE-89) in CocoIndex, an open-source data transformation framework for AI applications. The issue affects the Doris target connector in versions prior to 0.3.34, where the connector fails to verify user-supplied table names before constructing ALTER TABLE SQL statements during target schema changes. This allows malicious input from untrusted upstream sources to inject arbitrary SQL, earning a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) due to its critical impact potential.
Any remote attacker with the ability to supply a table name from an untrusted upstream source can exploit this vulnerability over the network with low complexity, no privileges, and no user interaction required. Successful exploitation enables arbitrary SQL execution on the Doris backend, potentially leading to high confidentiality, integrity, and availability impacts, such as data exfiltration, modification, or denial of service during schema alteration operations.
The vulnerability has been addressed in CocoIndex version 0.3.34, as detailed in the project's security advisory (GHSA-59g6-v3vg-f7wc) and the patching commit (ba2fc4a89e22d35572c64bd2990737c7913b0729). Security practitioners should upgrade to the fixed version and review configurations for untrusted inputs in Doris connectors.
As a framework tailored for AI data pipelines, this flaw highlights risks in automated data transformation workflows where schema changes propagate unvalidated inputs to backend databases. No public evidence of real-world exploitation has been reported.
Details
- CWE(s)
Affected Products
AI Security AnalysisAI
- AI Category
- Other AI Platforms
- Risk Domain
- N/A
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: ai