HIGHVulnerability
Verified
Global
CISA KEV: BerriAI LiteLLM — BerriAI LiteLLM Command Injection Vulnerability
·Source: CISA KEV
Updated:
Executive Summary
BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host.
Analysis
BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-08. Remediation due: 2026-06-22.