THREAT OPS › CVEs › CVE-2026-42208
CVE-2026-42208 — BerriAI LiteLLM SQL Injection Vulnerability
BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorised access to the proxy and the credentials it manages.
Vulnerability details
- Affected productsLiteLLM
- KEV remediation due2026-05-11