{
  "title": "LiteLLM CVE-2026-42271: KEV-Listed Command Injection in AI Proxy Servers",
  "summary": "CISA added BerriAI LiteLLM CVE-2026-42271 to its Known Exploited Vulnerabilities (KEV) catalog on 2026-06-08 due to active exploitation. This high-severity command injection vulnerability in the MCP server preview endpoints allows authenticated users (or unauthenticated users, when chained with CVE-2026-48710) to run arbitrary shell commands on the host running the proxy.",
  "date": "2026-06-08",
  "severity": "critical",
  "tags": [
    "litellm",
    "cisa-kev",
    "remote-code-execution",
    "zero-day",
    "starlette"
  ],
  "sources_count": 3,
  "indicators": {
    "slug": "litellm-cve-2026-42271-kev",
    "since": "2026-06-08T00:00:00Z",
    "until": "2026-06-08T23:59:59Z",
    "ecosystem": "",
    "cves": [
      "CVE-2026-42271",
      "CVE-2026-48710"
    ],
    "cwes": [
      "CWE-78"
    ],
    "advisoryIds": [],
    "products": [
      "LiteLLM"
    ],
    "packages": [
      "litellm",
      "starlette"
    ],
    "versions": [],
    "affectedVersions": [
      "1.74.2 to 1.83.6"
    ],
    "fixedVersions": [],
    "files": [],
    "paths": [],
    "services": [],
    "domains": [],
    "urls": [],
    "ips": [],
    "hashes": [],
    "processPatterns": [],
    "networkPatterns": [],
    "telemetrySelectors": [
      "/mcp-rest/test/connection",
      "/mcp-rest/test/tools/list",
      "litellm"
    ]
  }
}