Cyber Resilience

CVE-2026-31891

Severity: High
Published: 18 March 2026
Modified: 20 March 2026
KEV Added: not listed
Patch: available
CVSS Score (v3.1): 7.7 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
EPSS Score: 0.0001 (2.4th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-31891 is a high-severity SQL Injection (CWE-89) vulnerability in Agentejo Cockpit. Its CVSS base score is 7.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 2.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-31891 is a SQL injection vulnerability (CWE-89) affecting Cockpit, a headless content management system, in versions 2.13.4 and earlier. The issue resides in the MongoLite Aggregation Optimizer, specifically within the `toJsonExtractRaw()` method in `lib/MongoLite/Aggregation/Optimizer.php`, where unsanitized field names in aggregation queries allow arbitrary SQL injection. Cockpit CMS instances with API access enabled are potentially vulnerable if the `/api/content/aggregate/{model}` endpoint is publicly accessible or reachable by untrusted users. The vulnerability carries a CVSS v3.1 base score of 7.7 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Attackers possessing a valid read-only API key—the lowest privilege level—can exploit this vulnerability without requiring admin access. By crafting malicious aggregation queries with injected SQL via field names, they can bypass the `_state=1` filter that restricts access to published content, enabling retrieval of unpublished or restricted data from the underlying SQLite content database.

The vulnerability has been addressed in Cockpit version 2.13.5, which applies field-name sanitization—previously introduced in v2.13.3 for the `toJsonPath()` method—to the `toJsonExtractRaw()` function, thereby closing the injection vector. Official advisories and the release notes are available at the Cockpit GitHub repository's release page for v2.13.5 and the security advisory GHSA-7x5c-vfhj-9628.

Vulnerability details

Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a SQL Injection vulnerability in the MongoLite Aggregation Optimizer. Any deployment where the `/api/content/aggregate/{model}` endpoint is publicly accessible or reachable by untrusted users may be vulnerable, and attackers in possession of a valid read-only API key (the lowest privilege level) can exploit this vulnerability; no admin access is required. An attacker can inject arbitrary SQL via unsanitized field names in aggregation queries, bypass the `_state=1` published-content filter to access unpublished or restricted content, and extract unauthorized data from the underlying SQLite content database. This vulnerability has been patched in version 2.13.5. The fix applies the same field-name sanitization introduced in v2.13.3 for `toJsonPath()` to the `toJsonExtractRaw()` method in `lib/MongoLite/Aggregation/Optimizer.php`, closing the injection vector in the Aggregation Optimizer.
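As an added illustration for the root cause and fix described in the Deeper analysis and Vulnerability details sections (this is not Cockpit's own code), the snippet below contrasts an expression builder that splices an aggregation field name straight into SQL with one that applies a field-name allow-list first. The `document` column, the `isSafeFieldName()` helper and its regular expression are assumptions; the project's actual sanitizer may differ.

```php
<?php
// Added illustration, not Cockpit's code. The column name "document" and the
// allow-list pattern below are assumptions for the example.

// Unsafe: the field name becomes part of the SQL text without any check, so a
// quote or SQL syntax inside it changes the query (CWE-89). Identifiers and
// JSON paths cannot be passed as bound parameters, which is why this pattern
// is dangerous without validation.
function toJsonExtractRawUnsafe(string $field): string
{
    return "json_extract(document, '\$." . $field . "')";
}

// Allow only dotted identifier paths such as "title" or "meta.author".
// Quotes, spaces, parentheses and operators are all rejected.
function isSafeFieldName(string $field): bool
{
    return preg_match('/^[A-Za-z0-9_]+(\.[A-Za-z0-9_]+)*$/', $field) === 1;
}

// Hardened: validate before building the expression, and reject rather than
// attempt to escape, since escaping rules for identifiers are error-prone.
function toJsonExtractRawSafe(string $field): string
{
    if (!isSafeFieldName($field)) {
        throw new InvalidArgumentException("Invalid field name: $field");
    }
    return "json_extract(document, '\$." . $field . "')";
}

// Constructed sample field names: two legitimate paths, one with a stray
// quote and one with whitespace, both of which must be refused.
$samples = ['title', 'meta.author', "title'", 'title x'];

foreach ($samples as $field) {
    try {
        echo toJsonExtractRawSafe($field), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

Running the script prints the two `json_extract(...)` expressions for the legitimate names and a `rejected:` line for each of the other two; the same allow-list check, applied in both `toJsonPath()` and `toJsonExtractRaw()`, is the shape of fix the advisory describes.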

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1213.006 Data from Information Repositories: Databases (Collection): Adversaries may leverage databases to mine valuable information.
Why these techniques?

SQL injection in publicly accessible /api/content/aggregate endpoint of Cockpit CMS directly enables T1190 (Exploit Public-Facing Application) for initial unauthorized access; the injection bypasses content filters to query and retrieve restricted data from the SQLite database, facilitating T1213.006 (Data from Information Repositories: Databases).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2019-25537 (shared CWE-89)
CVE-2019-25366 (shared CWE-89)
CVE-2019-25496 (shared CWE-89)
CVE-2026-1475 (shared CWE-89)
CVE-2026-26990 (shared CWE-89)
CVE-2026-44047 (shared CWE-89)
CVE-2025-12865 (shared CWE-89)
CVE-2024-11135 (shared CWE-89)
CVE-2019-25491 (shared CWE-89)
CVE-2024-13369 (shared CWE-89)

Affected Assets

Vendor: agentejo
Product: cockpit
Versions: ≤ 2.13.5

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

Prevent (SI-10 Information Input Validation): Requires validating and sanitizing inputs, such as the unsanitized field names in aggregation queries, to directly prevent SQL injection exploitation in the MongoLite Optimizer.

Prevent (SI-2 Flaw Remediation): Mandates timely identification, reporting, and correction of software flaws such as this SQL injection vulnerability through patching to Cockpit version 2.13.5.

Detect: Vulnerability scanning and monitoring identifies SQL injection flaws like CVE-2026-31891 in API endpoints prior to exploitation.

References