THREATOPS
THREAT OPSCVEs › CVE-2026-42271

CVE-2026-42271 — BerriAI LiteLLM Command Injection Vulnerability

CISA KEVExploited: confirmedBerriAI

BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host.

Vulnerability details

Related reporting