Attackers rapidly weaponised a critical flaw in LiteLLM, CVE-2026-42208, to access and potentially modify database data via SQL injection just days after disclosure, according to the article.
The vulnerability resides in LiteLLM’s proxy API key verification, where the user-supplied key is inserted directly into a query rather than passed as a parameter. This enables unauthenticated exploitation: a crafted Authorization header sent to endpoints such as POST /chat/completions reaches the query through the proxy’s error-handling path.
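The difference between interpolating the key and binding it as a parameter, as an added example that is not LiteLLM's code: the `api_keys` table, the function names and the sample values are constructed for illustration, with an in-memory SQLite database standing in for the proxy's database.

```python
import sqlite3

# Constructed sample inputs (not real keys, not taken from the advisory).
VALID = "Bearer sk-constructed-0001"
CRAFTED = "Bearer x' OR '1'='1"  # textbook tautology, for illustration only


def make_db():
    """Build a stand-in key table; the schema is hypothetical."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE api_keys (token TEXT PRIMARY KEY, owner TEXT)")
    db.execute("INSERT INTO api_keys VALUES ('sk-constructed-0001', 'team-a')")
    return db


def bearer_token(authorization):
    """Return the credential from an 'Authorization: Bearer <key>' value."""
    scheme, _, value = authorization.partition(" ")
    return value.strip() if scheme.lower() == "bearer" else ""


def verify_interpolated(db, authorization):
    """Flawed pattern: the key becomes part of the SQL text itself."""
    token = bearer_token(authorization)
    sql = f"SELECT owner FROM api_keys WHERE token = '{token}'"
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def verify_parameterized(db, authorization):
    """Fixed pattern: the key is bound as data and is never parsed as SQL."""
    token = bearer_token(authorization)
    row = db.execute(
        "SELECT owner FROM api_keys WHERE token = ?", (token,)
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    for header in (VALID, CRAFTED):
        print(repr(header),
              "interpolated ->", verify_interpolated(db, header),
              "| parameterized ->", verify_parameterized(db, header))
```

With the interpolated query the crafted value is accepted as if it were a valid key; with the bound parameter it is compared as an ordinary string and rejected.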
The flaw affects LiteLLM versions 1.81.16 to 1.83.6 and was fixed in 1.83.7 on 19 April 2026; Sysdig Threat Research Team observed exploitation about 36 hours after the advisory was published to the global database. Real-world attacks targeted sensitive information in the proxy’s database, though researchers noted no signs of data theft or follow-through at the time.
The report highlights rapid, targeted schema enumeration of high-value tables holding virtual API keys, stored provider credentials, and the proxy’s environment-variable configuration, underscoring the speed and precision of the attack. according to BerriAI’s advisory.