CVE-2026-31891
Published: 18 March 2026
Summary
CVE-2026-31891 is a high-severity SQL Injection (CWE-89) vulnerability in Agentejo Cockpit. Its CVSS base score is 7.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 1.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) [AI]
- SI-10 (Information Input Validation): requires validating and sanitizing inputs such as the unsanitized field names in aggregation queries, which directly prevents SQL injection in the MongoLite Optimizer.
- SI-2 (Flaw Remediation): mandates timely identification, reporting, and correction of software flaws such as this SQL injection, here by patching to Cockpit version 2.13.5.
- Vulnerability scanning and monitoring identifies SQL injection flaws like CVE-2026-31891 in API endpoints before they are exploited.
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
SQL injection in the publicly accessible /api/content/aggregate endpoint of Cockpit CMS directly enables T1190 (Exploit Public-Facing Application) for initial unauthorized access; the injection bypasses content filters to query and retrieve restricted data from the SQLite database, which maps to T1213.006 (Data from Information Repositories: Databases).
NVD Description
Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a SQL Injection vulnerability in the MongoLite Aggregation Optimizer. Any deployment where the `/api/content/aggregate/{model}` endpoint is publicly accessible or reachable by untrusted users may be vulnerable, and attackers in possession of a valid read-only API key (the lowest privilege level) can exploit this vulnerability — no admin access is required. An attacker can inject arbitrary SQL via unsanitized field names in aggregation queries, bypass the `_state=1` published-content filter to access unpublished or restricted content, and extract unauthorized data from the underlying SQLite content database. This vulnerability has been patched in version 2.13.5. The fix applies the same field-name sanitization introduced in v2.13.3 for `toJsonPath()` to the `toJsonExtractRaw()` method in `lib/MongoLite/Aggregation/Optimizer.php`, closing the injection vector in the Aggregation Optimizer.
Deeper analysis [AI]
CVE-2026-31891 is a SQL injection vulnerability (CWE-89) affecting Cockpit, a headless content management system, in versions 2.13.4 and earlier. The issue resides in the MongoLite Aggregation Optimizer, specifically within the `toJsonExtractRaw()` method in `lib/MongoLite/Aggregation/Optimizer.php`, where unsanitized field names in aggregation queries allow arbitrary SQL injection. Cockpit CMS instances with API access enabled are potentially vulnerable if the `/api/content/aggregate/{model}` endpoint is publicly accessible or reachable by untrusted users. The vulnerability carries a CVSS v3.1 base score of 7.7 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
Attackers possessing a valid read-only API key—the lowest privilege level—can exploit this vulnerability without requiring admin access. By crafting malicious aggregation queries with injected SQL via field names, they can bypass the `_state=1` filter that restricts access to published content, enabling retrieval of unpublished or restricted data from the underlying SQLite content database.
The vulnerability has been addressed in Cockpit version 2.13.5, which applies field-name sanitization—previously introduced in v2.13.3 for the `toJsonPath()` method—to the `toJsonExtractRaw()` function, thereby closing the injection vector. Official advisories and the release notes are available at the Cockpit GitHub repository's release page for v2.13.5 and the security advisory GHSA-7x5c-vfhj-9628.
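The fix described above is a field-name allow-list applied before the name is interpolated into a SQLite JSON-path expression. The following is an added example of that defensive pattern, not Cockpit's own code: the table layout (a `document` JSON column), the allow-list regex, the function names and the sample documents are all assumptions made for this illustration.

```python
import re
import sqlite3

# Assumed allow-list: identifier segments joined by dots for nested paths
# (e.g. "title" or "meta.author"). This is not Cockpit's actual rule.
FIELD_NAME_RE = re.compile(r'^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)*$')


def to_json_path(field: str) -> str:
    """Validate a field name and turn it into a SQLite JSON path ('$.meta.author').

    Rejecting anything outside the allow-list is what keeps quotes and SQL
    fragments in a user-supplied field name out of the generated statement.
    """
    if not FIELD_NAME_RE.fullmatch(field):
        raise ValueError(f"invalid field name: {field!r}")
    return '$.' + field


def build_select(field: str) -> str:
    # The field name is validated before interpolation, so the only thing that
    # can reach the SQL text is a dotted identifier. The published-content
    # filter (_state = 1) stays part of the statement and cannot be bypassed
    # through the field name.
    return (f"SELECT json_extract(document, '{to_json_path(field)}') "
            "FROM content WHERE json_extract(document, '$._state') = 1")


def query_published(conn: sqlite3.Connection, field: str) -> list:
    """Return the requested field for published documents only."""
    return [row[0] for row in conn.execute(build_select(field))]


def demo() -> sqlite3.Connection:
    """Build an in-memory table with constructed sample documents."""
    conn = sqlite3.connect(':memory:')
    conn.execute("CREATE TABLE content (id INTEGER PRIMARY KEY, document TEXT)")
    docs = [  # constructed: one published document, one unpublished draft
        '{"title": "Public post", "_state": 1, "meta": {"author": "alice"}}',
        '{"title": "Secret draft", "_state": 0, "meta": {"author": "bob"}}',
    ]
    conn.executemany("INSERT INTO content (document) VALUES (?)", [(d,) for d in docs])
    return conn


if __name__ == "__main__":
    c = demo()
    print(query_published(c, "title"))        # only the published title
    print(query_published(c, "meta.author"))  # nested path still works
```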
Details
- CWE(s)