[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:litellm-flaw-cve-2026-42271-exploited-in-the-wild-chains-to-unauthenticated-rce-mq87b576":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":14,"action_required":20,"article_ids":21,"ioc_summary":23,"source_urls":24,"status":26,"expires_at":27,"created_at":28,"updated_at":29,"articles":30},"523336a8-6cdf-423a-aeb4-4a48be410b01","LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE","litellm-flaw-cve-2026-42271-exploited-in-the-wild-chains-to-unauthenticated-rce-mq87b576","A critical command injection vulnerability (CVE-2026-42271) in LiteLLM AI gateway versions 1.74.2 through 1.83.7 is being actively exploited in the wild. Researchers have chained this with a Starlette flaw to achieve unauthenticated RCE, bypassing authentication entirely. Compromised systems face immediate risk of credential theft and lateral movement.","critical","advisory",[12,13],"CVE-2026-42271","CVE-2026-48710",[15,16,17,18,19],"LiteLLM","BerriAI","Starlette","Horizon3.ai","Python SDK","Immediately identify all LiteLLM instances and upgrade them to version 1.83.7 or later. This advisory also lists 1.83.7 as the last affected version, so confirm the first fixed release against the vendor's advisory before treating 1.83.7 as patched. Because the reported chain bypasses authentication, do not rely on gateway authentication as a mitigating control for instances that cannot be upgraded right away. Hunt for exploitation indicators: check access logs for suspicious requests to LiteLLM endpoints, scan for process execution anomalies on affected hosts, and review credential access logs for unauthorized activity. If exploitation is suspected, rotate any credentials stored on or accessible from the affected host.",[22],"f7ba3932-702a-4698-be43-8602c26e87c5",null,[25],"https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Flitellm-flaw-cve-2026-42271-exploited.html","active","2026-06-12T15:05:40.858+00:00","2026-06-10T15:05:57.597759+00:00","2026-06-10T15:06:01.396722+00:00",[31],{"id":22,"title":6,"url":25}]