High Actively Exploited cisa_kev · CVE-2026-42208

BerriAI LiteLLM SQL Injection Vulnerability

Published May 8, 2026 CVSS 9.3

BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and the credentials it manages.

Affected AI Products

litellm

View original source

Get the weekly digest. Every Monday: top AI security stories of the week. Free.