LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

https://thehackernews.com/2026/06/litellm-flaw-cve-2026-42271-exploited.html

Publish Date: 2026-06-09 02:26:00

Source Domain: thehackernews.com

Summary:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw (CVE-2026-42271) in BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The command injection vulnerability allows authenticated users to execute arbitrary commands on the host by submitting a full server configuration through two endpoints. Horizon3.ai further showed that the issue becomes more severe when chained with a separate vulnerability (CVE-2026-48710) in Starlette, yielding unauthenticated remote code execution. The combined chain could let attackers alter critical system behaviour, compromise connected AI infrastructure, and potentially reach downstream systems. Users are urged to update to the fixed versions of LiteLLM and Starlette or, where patching is not immediately possible, to apply interim mitigations such as restricting access, rotating credentials, and reviewing logs to limit exposure.

Key Points:

  • CISA adds a high-severity command injection (CVE-2026-42271) in BerriAI LiteLLM to its KEV catalog due to active exploitation.
  • CVE-2026-42271 allows authenticated users to run arbitrary commands on the host by abusing two specific endpoints.
  • Horizon3.ai chained CVE-2026-42271 with CVE-2026-48710 to achieve unauthenticated remote code execution, with a combined CVSS score of 10.0.
  • Successful exploitation could allow attackers to access credentials, move laterally, and compromise downstream systems.
  • Users should update LiteLLM and Starlette packages and apply suggested interim mitigations if patching immediately is not possible.