Cockpit CMS has SQL Injection in MongoLite Aggregation Optimizer via toJsonExtractRaw()
Description
Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a SQL Injection vulnerability in the MongoLite Aggregation Optimizer. Any deployment where the /api/content/aggregate/{model} endpoint is publicly accessible or reachable by untrusted users may be vulnerable, and attackers in possession of a valid read-only API key (the lowest privilege level) can exploit this vulnerability; no admin access is required. An attacker can inject arbitrary SQL via unsanitized field names in aggregation queries, bypass the _state=1 published-content filter to access unpublished or restricted content, and extract unauthorized data from the underlying SQLite content database. This vulnerability has been patched in version 2.13.5. The fix applies the same field-name sanitization introduced in v2.13.3 for toJsonPath() to the toJsonExtractRaw() method in lib/MongoLite/Aggregation/Optimizer.php, closing the injection vector in the Aggregation Optimizer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cockpit CMS 2.13.4 and earlier is vulnerable to SQL injection via unsanitized field names in the MongoLite Aggregation Optimizer, allowing read-only API key holders to extract unauthorized data.
Vulnerability Detail
CVE-2026-31891 is a SQL injection vulnerability in the MongoLite Aggregation Optimizer component of Cockpit CMS. The flaw arises from unsanitized field names passed to the toJsonExtractRaw() method in lib/MongoLite/Aggregation/Optimizer.php, which directly concatenates them into SQL queries without proper escaping [1][4]. This mirrors a previous vulnerability in toJsonPath() that was fixed in v2.13.3 [4].
Exploitation
An attacker can exploit this vulnerability by sending a crafted aggregation request to the /api/content/aggregate/{model} endpoint. The attacker must possess a valid read-only API key, which is the lowest privilege level; no administrative access is required. The endpoint must be publicly accessible or reachable by untrusted users [1][4]. The injection occurs via field name parameters in the aggregation query, allowing arbitrary SQL to be executed against the underlying SQLite content database [4].
Impact
Successful exploitation enables the attacker to inject arbitrary SQL, bypass the _state=1 published-content filter, and access unpublished or restricted content. The attacker can also extract unauthorized data from the database, leading to a high confidentiality impact. Integrity and availability are not directly affected [1][4].
Mitigation
The vulnerability has been patched in Cockpit CMS version 2.13.5 [3]. The fix applies the same field-name sanitization used by toJsonPath() to the toJsonExtractRaw() method, closing the injection vector. All users running versions 2.13.4 or earlier are strongly advised to upgrade immediately [4]. Until the upgrade is applied, restricting network access to the /api/content/aggregate/{model} endpoint and rotating any API keys that may have been exposed reduces the attack surface, since a read-only key is all an attacker needs.
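The following is an added illustration of the bug class described in the Vulnerability Detail and Exploitation sections and of the allowlist-style fix described under Mitigation. It is not Cockpit's code: the table layout, the json_extract()-based field projection, the _state=1 filter placement and the identifier allowlist are all assumptions chosen to reproduce the mechanics in plain SQLite from Python's standard library, not the actual contents of lib/MongoLite/Aggregation/Optimizer.php. The sample documents are constructed.

```python
import json
import re
import sqlite3

# Constructed sample content: one JSON document per row, the way a
# document-in-SQLite store keeps its collections. _state=1 means published.
SAMPLE_DOCS = [
    {"_id": "1", "title": "Public post", "_state": 1},
    {"_id": "2", "title": "Draft (unpublished)", "_state": 0},
    {"_id": "3", "title": "Restricted item", "_state": 0},
]


def make_db():
    """Build an in-memory SQLite database holding the constructed documents."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, document TEXT)")
    conn.executemany(
        "INSERT INTO posts (document) VALUES (?)",
        [(json.dumps(doc),) for doc in SAMPLE_DOCS],
    )
    return conn


def json_extract_vulnerable(field):
    """Hypothetical stand-in for an unsanitized field-name builder: the
    caller-controlled field name is concatenated straight into the SQL."""
    return f"json_extract(document, '$.{field}')"


# Assumption: field names are dotted identifiers (letters, digits, underscore,
# dot). Anything else is rejected before it can reach the SQL string.
FIELD_NAME_RE = re.compile(r"^[A-Za-z0-9_]+(\.[A-Za-z0-9_]+)*$")


def json_extract_fixed(field):
    """Same builder with an allowlist check, the shape of fix the advisory
    describes (apply field-name sanitization before building the expression)."""
    if not FIELD_NAME_RE.match(field):
        raise ValueError(f"invalid field name: {field!r}")
    return f"json_extract(document, '$.{field}')"


def project_published(conn, field, builder):
    """Server-side query: project one field from published documents only.
    The attacker controls only `field`; the _state=1 filter is appended by
    the server and is what the injection must bypass."""
    sql = (
        f"SELECT {builder(field)} FROM posts "
        f"WHERE json_extract(document, '$._state') = 1 ORDER BY id"
    )
    return [row[0] for row in conn.execute(sql)]


# Closes the json_extract() call, then comments out the server's WHERE clause,
# so every document (published or not) is returned.
BYPASS_FIELD = "title') FROM posts -- "


def demo():
    conn = make_db()
    benign = project_published(conn, "title", json_extract_vulnerable)
    leaked = project_published(conn, BYPASS_FIELD, json_extract_vulnerable)
    try:
        project_published(conn, BYPASS_FIELD, json_extract_fixed)
        blocked = False
    except ValueError:
        blocked = True
    return benign, leaked, blocked


if __name__ == "__main__":
    benign, leaked, blocked = demo()
    print("benign field, vulnerable builder:", benign)
    print("bypass field, vulnerable builder:", leaked)
    print("bypass field rejected by fixed builder:", blocked)
```

The injected statement ends up as `SELECT json_extract(document, '$.title') FROM posts -- ') FROM posts WHERE ...`, so the published-content filter is never evaluated. The fix does not escape the field name; it refuses anything that is not a plain dotted identifier, which is the only safe way to handle an identifier that cannot be bound as a parameter.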
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| cockpit-hq/cockpit (Packagist) | < 2.13.5 | 2.13.5 |
Affected products
- Range: <= 2.13.4
- Cockpit-HQ/Cockpit: range < 2.13.5
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- [1] github.com/advisories/GHSA-7x5c-vfhj-9628 (GHSA advisory)
- [2] nvd.nist.gov/vuln/detail/CVE-2026-31891 (NVD entry)
- [3] github.com/Cockpit-HQ/Cockpit/releases/tag/2.13.5 (release notes)
- [4] github.com/Cockpit-HQ/Cockpit/security/advisories/GHSA-7x5c-vfhj-9628 (vendor advisory)
News mentions
No linked articles in our index yet.