LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

CISA has added CVE-2026-42271, a high-severity command injection flaw in BerriAI LiteLLM, to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation. Horizon3.ai also showed that CVE-2026-42271 can be chained with CVE-2026-48710 in Starlette to bypass authentication and achieve unauthenticated remote code execution against vulnerable LiteLLM deployments. #CVE-2026-42271 #CVE-2026-48710 #LiteLLM #BerriAI #Starlette

Keypoints

  • CISA added CVE-2026-42271 to the KEV catalog because it is being actively exploited.
  • The flaw is a command injection issue in BerriAI LiteLLM affecting versions 1.74.2 through 1.83.6.
  • Two MCP preview endpoints could spawn attacker-supplied commands on the proxy host.
  • Version 1.83.7 fixes the issue by requiring the PROXY_ADMIN role to call the affected MCP test endpoints.
  • Horizon3.ai demonstrated a chain with CVE-2026-48710 in Starlette that bypasses authentication and can lead to unauthenticated remote code execution on unpatched deployments; upgrade LiteLLM to 1.83.7 or later and apply the Starlette fix for CVE-2026-48710 as well.
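
The first triage step for this advisory is working out which proxies fall inside the affected range. The following script is an added example, not code from the article or from the LiteLLM project: it checks version strings against the range the summary gives (1.74.2 through 1.83.6 affected, 1.83.7 fixed), using a hand-rolled parser so it needs no third-party dependency, and optionally reads the locally installed litellm distribution via importlib.metadata. The sample inventory is constructed for illustration. Suffixes such as ".post1" or "rc1" are deliberately ignored, so treat the result as a triage heuristic and confirm against the vendor advisory.

```python
from __future__ import annotations

import re
from importlib import metadata

# Range from the advisory summary: 1.74.2 through 1.83.6 are affected,
# 1.83.7 carries the fix (PROXY_ADMIN required on the MCP test endpoints).
AFFECTED_FIRST = (1, 74, 2)
FIXED_IN = (1, 83, 7)

# Leading 'v' optional; anything after MAJOR.MINOR.PATCH is ignored.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(version: str) -> tuple[int, int, int]:
    """Return (major, minor, patch) from a LiteLLM version string.

    Trailing suffixes ('.post1', 'rc1', '-stable') are dropped, so a
    pre-release of 1.83.7 is treated as 1.83.7. Raises ValueError for
    strings with no numeric triple (e.g. the tag 'latest').
    """
    m = _VERSION_RE.match(version.strip())
    if m is None:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = (int(part) for part in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the version lies in [1.74.2, 1.83.7), the advisory's affected range."""
    return AFFECTED_FIRST <= parse_version(version) < FIXED_IN


def installed_litellm_version() -> str | None:
    """Version of the litellm distribution in this environment, or None if absent."""
    try:
        return metadata.version("litellm")
    except metadata.PackageNotFoundError:
        return None


def triage(versions) -> dict[str, str]:
    """Map each version string to 'affected', 'not affected' or 'unparseable'."""
    verdicts: dict[str, str] = {}
    for v in versions:
        try:
            verdicts[v] = "affected" if is_affected(v) else "not affected"
        except ValueError:
            # Tags like 'latest' or 'main' cannot be placed in the range; flag for manual check.
            verdicts[v] = "unparseable"
    return verdicts


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical proxies, one version string each).
    sample_inventory = [
        "1.74.1", "1.74.2", "1.80.0", "1.83.6", "1.83.7", "v1.85.0.post1", "latest",
    ]
    for version, verdict in triage(sample_inventory).items():
        print(f"{version:>16}  {verdict}")

    local = installed_litellm_version()
    if local is None:
        print("local litellm: not installed")
    else:
        print(f"local litellm: {local} -> {triage([local])[local]}")
```

Feed it the version strings from your deployment inventory (pip freeze output, container image tags that carry a version, or the proxy's own version reporting); anything reported as "unparseable" needs a manual look rather than being assumed safe.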

Read More: https://thehackernews.com/2026/06/litellm-flaw-cve-2026-42271-exploited.html