CVE-2026-58473
Received Received - Intake

Improper Access Control in Cognee Before 1.2.0

Vulnerability report for CVE-2026-58473, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-07

Last updated on: 2026-07-07

Assigner: VulnCheck

Description

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all LLM operations instance-wide to an attacker-controlled endpoint by exploiting the process-wide singleton configuration cache, enabling exfiltration of prompts, uploaded documents, extracted entities, and knowledge graph content from all users.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-07
Last Modified
2026-07-07
Generated
2026-07-08
AI Q&A
2026-07-08
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
cognee cognee to 1.2.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in Cognee versions before 1.2.0 and is due to improper access control. It allows unauthenticated attackers to overwrite the global Large Language Model (LLM) provider configuration by self-registering an account and calling the settings endpoint, which lacks admin or superuser verification.

By exploiting this, attackers can redirect all LLM operations across the entire instance to an attacker-controlled endpoint.

This happens because the configuration cache is a process-wide singleton, meaning the change affects all users.

Impact Analysis

The vulnerability can have severe impacts as it enables attackers to exfiltrate sensitive data from all users.

  • Attackers can steal prompts submitted by users.
  • Uploaded documents can be accessed and exfiltrated.
  • Extracted entities and knowledge graph content from all users can be compromised.

Overall, this leads to a high risk of data leakage and loss of confidentiality across the entire application instance.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-58473. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart