
LiteLLM endpoint-hardening patch release (CVE-2026-42271)

Security Patch Release
H score 59
1 unique source, 1 article

Summary


BerriAI released LiteLLM 1.83.7, hardening access to the vulnerable MCP test endpoints that accepted full server configurations. The update requires the PROXY_ADMIN role for both endpoints, aligning them with the save endpoint and closing the weaker access-control path. The release addresses CVE-2026-42271, a command-injection flaw in LiteLLM versions >= 1.74.2, < 1.83.7 that could let authenticated users run arbitrary commands on the proxy host.

Related Happenings

Cisco Unified Communications Manager security update for CVE-2026-20230

Security Patch Release
First: 04.06.2026 14:09 Last: 04.06.2026 14:09 Sources 1

About this happening: Cisco released **security updates** for **Cisco Unified Communications Manager (Unified CM)** to fix **CVE-2026-20230**, a **critical** flaw that could let a remote attacker reach...

LiteSpeed cPanel user-end plugin urgent security update (CVE-2026-48172)

Security Patch Release
First: 27.05.2026 13:06 Last: 27.05.2026 13:06 Sources 1

About this happening: LiteSpeed released **urgent security updates** for the **cPanel user-end plugin** after **CVE-2026-48172** was found to be **actively exploited**, reducing exposure for systems ru...

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Ivanti security patch release for CVE-2026-8043

Security Patch Release
First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
First: 11.05.2026 17:30 Last: 11.05.2026 17:30 Sources 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Timeline

  1. 09.06.2026 09:26 2 articles · 2h ago

    LiteLLM 1.83.7 requires PROXY_ADMIN on MCP test endpoints

    Mitigation Patch Update

    BerriAI released LiteLLM 1.83.7 and hardened the MCP preview workflow so that POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list now require the PROXY_ADMIN role, matching the save endpoint and closing the command-injection path tracked as CVE-2026-42271 in LiteLLM Python package versions >= 1.74.2, < 1.83.7.

  2. 09.06.2026 09:26 1 article · 2h ago

    CISA adds CVE-2026-42271 in LiteLLM to KEV after active exploitation

    Initial Disclosure

    CISA added CVE-2026-42271 in BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog after evidence of active exploitation, and Horizon3.ai said the flaw could be chained with CVE-2026-48710 in Starlette versions ≤ 1.0.0 to bypass authentication and achieve unauthenticated remote code execution against vulnerable LiteLLM deployments.
