CVE-2026-42271
LiteLLM
ACTIVELY EXPLOITED (KEV)
other
The flaw
BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host.
What to do
Review advisory and patch per vendor guidance.
References
In the news
- LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE (The Hacker News · 2026-06-09)
- Active Exploitation Alert: CVE-2026-42271 and CVE-2026-48710—Unauthenticated RCE in LiteLLM AI Gateway via Starlette Host Header Bypass (Rescana · 2026-06-09)
- LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) (Help Net Security · 2026-06-09)