CISA KEV Alert 6/8/2026, 7:54:37 PM

CISA warns of LiteLLM command injection flaw CVE-2026-42271

CyberSIXT Evidence Panel (source marked as original reporting)
Primary source: cisa.gov
CISA KEV: listed in KEV
Patch: patch available

On 8 June 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-42271 to its Known Exploited Vulnerabilities (KEV) catalogue. The flaw affects BerriAI's LiteLLM product and is tracked as the BerriAI LiteLLM Command Injection Vulnerability. It allows any authenticated user, including those holding low-privilege internal-user keys, to execute arbitrary commands on the host system.

The vulnerability is a command injection issue that can be exploited via crafted input processed by LiteLLM, leading to remote code execution with the privileges of the application. The National Vulnerability Database assigns it a CVSS v3.1 score of 8.7, rating it as HIGH severity. A patch is available; the advisory and fixed release are referenced in the vendor’s security notice.

CISA’s inclusion in the KEV catalogue confirms that active exploitation of this flaw has been observed in the wild. No public reports link the vulnerability to ransomware campaigns at this time. Federal civilian executive branch (FCEB) agencies must apply the required mitigations by the remediation due date of 22 June 2026.

CISA directs FCEB agencies to apply mitigations per the vendor's instructions, follow applicable Binding Operational Directive 22-01 guidance for cloud services, or discontinue use of LiteLLM if mitigations cannot be implemented. While the directive is mandatory only for FCEB organisations, all other entities should review their exposure to LiteLLM and apply the vendor's patch or mitigations as soon as practicable. Organisations should also monitor for any subsequent advisories from BerriAI.

For full technical details, see the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2026-42271 and the CISA KEV catalogue entry for this CVE.


Article by CyberSIXT