[HIGH] Cockpit CMS has SQL Injection in MongoLite Aggregation Optimizer via toJsonExtractRaw()

PKSA-rm9w-whnt-2jgw CVE-2026-31891 GHSA-7x5c-vfhj-9628

Affected version: <2.13.5

Reported by:
GitHub