CISA Adds BerriAI LiteLLM Vulnerability to KEV Catalog
CISA has added a SQL injection vulnerability in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog following reports of active exploitation.
CISA has updated its Known Exploited Vulnerabilities (KEV) Catalog to include a SQL injection vulnerability in BerriAI LiteLLM, designated as CVE-2026-42208. The agency noted that this vulnerability is currently being exploited by malicious cyber actors.
As with other entries in the KEV catalog, this vulnerability represents a significant risk to the federal enterprise. Federal Civilian Executive Branch (FCEB) agencies are mandated by Binding Operational Directive (BOD) 22-01 to remediate this issue to prevent potential compromise of their systems.
Users of BerriAI LiteLLM are encouraged to review the CISA alert and apply necessary patches or mitigations immediately. Monitoring for signs of exploitation is recommended for all affected environments.