HomeCVE Intelligence › CVE-2026-42271
CVSS 8.0 HIGH 🔴 ACTIVELY EXPLOITED Security Vulnerability

CVE-2026-42271: LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitatio…

8.0CVSS Score
HIGHSeverity
YESCISA KEV
Security VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-42271
VendorThe Hacker News
Affected ProductThreat Intelligence
Vulnerability TypeSecurity Vulnerability
CVSS Score8.0 (HIGH)
Actively Exploited✅ Yes — CISA KEV Listed
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via thehackernews)

🔬 Technical Analysis

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-42271 (CVSS score: 8.7), is a command injection vulnerability that could allow any authenticated user to run arbitrary commands on the

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-42271 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence