Vulnerability  ·  2026-07-09

Cognee Improper Access Control — Unauthenticated LLM Provider Configuration Overwrite

VulnerabilityHigh impactGlobalCVE-2026-58473
CVE-2026-58473 (CVSS 9.1 Critical), published July 7, 2026, is an improper access control vulnerability in Cognee that lets any self-registered unauthenticated-tier attacker overwrite the instance-wide LLM provider configuration via the settings endpoint, which lacks authorization checks.
Global LLM provider hijacking in a multi-tenant AI memory platform allows an attacker to redirect all users' LLM traffic to a malicious endpoint, enabling mass prompt/response interception, credential theft, and manipulation of AI outputs across every tenant on the instance.
An attacker self-registers an account (no special privilege needed) and calls the settings endpoint, which performs no admin/superuser authorization check, allowing them to overwrite the global LLM provider configuration for all tenants — redirecting all LLM traffic to an attacker-controlled endpoint.
Cognee (AI knowledge/memory framework) before 1.2.0
Upgrade to Cognee ≥1.2.0 (fix per github.com/topoteretes/cognee commit d10b1b7); enforce admin/superuser checks on settings endpoints.
NVD - CVE-2026-58473Cognee fix commit
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →