THREAT OPS › CVEs › CVE-2026-42271
CVE-2026-42271 — BerriAI LiteLLM Command Injection Vulnerability
BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host.
Vulnerability details
- Affected productsLiteLLM
- KEV remediation due2026-06-22