www.cisa.gov 6/9/2026, 1:48:44 AM · external

CISA warns of LiteLLM command injection flaw CVE-2026-42271

CyberSIXT Evidence Panel
Primary Source: github.com
CISA KEV: Listed in KEV
Patch: Patch Available

The Known Exploited Vulnerabilities (KEV) Catalog, maintained by CISA, serves as an authoritative resource for managing and prioritizing vulnerabilities that have been actively exploited. Organizations are encouraged to integrate the KEV catalog into their cybersecurity frameworks. The page highlights a specific vulnerability (CVE-2026-42271) in BerriAI LiteLLM, which allows command injection and poses risks even to users with low privilege.

Users are advised to implement vendor-recommended mitigations or discontinue use of the affected product. Additional resources are provided, including data formats for the catalog and a nomination link for new vulnerabilities.

Article by CyberSIXT
