
BerriAI LiteLLM actively exploited command injection (CVE-2026-42271)

Vulnerability · Happening score 51 · 1 unique source, 1 article

Summary


CVE-2026-42271 in BerriAI LiteLLM was added to CISA's KEV catalog after evidence of active exploitation, creating remote command-execution risk for affected proxy deployments. The command injection flaw impacts LiteLLM Python package versions >= 1.74.2 < 1.83.7 and can let an authenticated user run arbitrary commands on the host. Version 1.83.7 patches the issue by restricting the vulnerable endpoints to the PROXY_ADMIN role.

Related Happenings

LiteLLM pre-auth SQL injection (CVE-2026-42208)

Vulnerability
First: 29.04.2026 00:07 Last: 29.04.2026 00:07 Sources 1

About this happening: **LiteLLM**'s **CVE-2026-42208** pre-auth SQL injection is being actively exploited, putting proxy databases and stored secrets at risk. The flaw can be triggered without authenti...

Latest development: 29.04.2026 08:34

BerriAI released `1.83.7-stable` on April 19, 2026 to address `CVE-2026-42208`, a critical SQL injection in LiteLLM proxy API key checks, and recommended setting `disable_error_logs: true` as a workaround when immediate upgrading is not possible.

LiteLLM Python package hit by network compromise linked to TeamPCP

Incident
First: 25.03.2026 00:29 Last: 25.03.2026 00:29 Sources 1

About this happening: The **LiteLLM** Python package was compromised on **PyPI** after attackers published malicious **1.82.7** and **1.82.8** releases, putting downstream installs at risk of **credent...

Timeline

  1. 09.06.2026 09:26 · 2 articles

    CISA adds LiteLLM CVE-2026-42271 to KEV catalog after active exploitation

    Initial Disclosure

    CISA added CVE-2026-42271 in BerriAI LiteLLM to the KEV catalog after evidence of active exploitation. The command-injection flaw affects LiteLLM Python package versions >= 1.74.2 and < 1.83.7, where authenticated users could run arbitrary commands through POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list. BerriAI said version 1.83.7 requires the PROXY_ADMIN role for those test endpoints, and Horizon3.ai said CVE-2026-42271 can be chained with CVE-2026-48710 in Starlette versions <= 1.0.0 to bypass authentication and achieve unauthenticated remote code execution.
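    A defender-side version check, added here as an example and not code from BerriAI, LiteLLM, CISA or Horizon3.ai. It takes the bounds straight from the text above (LiteLLM >= 1.74.2 and < 1.83.7 affected by CVE-2026-42271, fixed in 1.83.7; Starlette <= 1.0.0 as the stated condition for the CVE-2026-48710 chain) and reports whether an installed pair of versions falls inside them. The version-string handling (dotted integers, with any `-suffix` such as `-stable` ignored) is an assumption of this example rather than a documented LiteLLM convention, and the `assess_environment` helper is hypothetical glue around `importlib.metadata`.

```python
"""Check LiteLLM / Starlette versions against the ranges stated in the advisory.

Added example (not LiteLLM project code). Bounds come from the happening text:
  - LiteLLM >= 1.74.2 and < 1.83.7: affected by CVE-2026-42271 (fixed in 1.83.7)
  - Starlette <= 1.0.0: version stated for the chained CVE-2026-48710
Version parsing (dotted ints, '-suffix' dropped) is this example's assumption.
"""
from importlib.metadata import PackageNotFoundError, version as installed_version

LITELLM_AFFECTED_MIN = (1, 74, 2)   # inclusive lower bound from the advisory text
LITELLM_FIXED = (1, 83, 7)          # exclusive upper bound: first patched release
STARLETTE_CHAIN_MAX = (1, 0, 0)     # inclusive, per the Horizon3.ai chaining note


def parse_version(text):
    """Turn '1.83.7' or '1.83.7-stable' into a comparable tuple of three ints.

    Anything after the first '-' (e.g. '-stable') is dropped, trailing
    non-digits inside a component are ignored ('7rc1' -> 7), and missing
    components are padded with zeros so '1.83' compares as (1, 83, 0).
    """
    core = text.strip().split("-", 1)[0]
    parts = []
    for piece in core.split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def litellm_affected(text):
    """True if this LiteLLM version lies inside [1.74.2, 1.83.7)."""
    return LITELLM_AFFECTED_MIN <= parse_version(text) < LITELLM_FIXED


def chain_exposed(litellm_text, starlette_text):
    """True when both halves of the reported chain are present:
    a vulnerable LiteLLM build together with Starlette <= 1.0.0."""
    return litellm_affected(litellm_text) and parse_version(starlette_text) <= STARLETTE_CHAIN_MAX


def assess_environment():
    """Inspect the running Python environment (hypothetical helper).

    Returns a dict with the installed versions (None when a package is not
    installed) and the two verdicts, so it can be dropped into an inventory job.
    """
    found = {}
    for name in ("litellm", "starlette"):
        try:
            found[name] = installed_version(name)
        except PackageNotFoundError:
            found[name] = None
    affected = found["litellm"] is not None and litellm_affected(found["litellm"])
    chained = (
        affected
        and found["starlette"] is not None
        and parse_version(found["starlette"]) <= STARLETTE_CHAIN_MAX
    )
    return {
        "litellm": found["litellm"],
        "starlette": found["starlette"],
        "litellm_affected": affected,
        "chain_exposed": chained,
    }


if __name__ == "__main__":
    # Constructed sample inputs exercising the boundaries of the stated range.
    for sample in ("1.74.1", "1.74.2", "1.83.6", "1.83.7", "1.83.7-stable"):
        print(f"litellm {sample:<14} affected={litellm_affected(sample)}")
    print(assess_environment())
```

    The boundary cases matter: 1.74.2 and 1.83.6 are inside the range, 1.83.7 (including the `-stable` tag used in LiteLLM release names) is not. A fleet-wide run of `assess_environment` gives a quick triage list; hosts where `chain_exposed` is true are the ones where the authentication requirement on the MCP test endpoints cannot be relied on.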
