HIGHVulnerability
Verified
Global

CISA KEV: BerriAI LiteLLM — BerriAI LiteLLM Command Injection Vulnerability

·Source: CISA KEV

Updated:

Executive Summary

BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host.

Analysis

BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-08. Remediation due: 2026-06-22.

Indicators of Compromise (1)

CVE (1)
CVE-2026-42271
Source Attribution

Originally published by CISA KEV on Jun 8, 2026. Verified by: CISA.

Related Threats