Description
BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including...
Required Action
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
References
Assess Your Risk
Use the CVSS Calculator to evaluate how this vulnerability affects your specific environment. Consider your network exposure, existing mitigations, and asset criticality.
Frequently Asked Questions
What is CVE-2026-42271?
CVE-2026-42271 (BerriAI LiteLLM Command Injection Vulnerability) is a vulnerability with a CVSS score of 8.8 (HIGH). BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including...
How do I fix CVE-2026-42271?
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
How severe is CVE-2026-42271?
CVE-2026-42271 has a CVSS score of 8.8, classified as HIGH. This vulnerability is in the CISA Known Exploited Vulnerabilities (KEV) catalog, meaning it has been actively exploited in the wild.
Free Security Tools
FixTheVuln Store
Stay Ahead of Vulnerabilities
Structured study planners for 60+ security certifications. Master vulnerability management with domain trackers and exam strategies.
Shop Security+ PlannerCyberFolio
Vulnerability management on your resume? Prove it.
Build a shareable cybersecurity portfolio that highlights your certifications, projects, and skills — free.
Build Your Portfolio →