COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-42208

CVE-2026-42208

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-05-08
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-42208
⌖ exploited in the wild shame 65/100 exploited-in-wilddata-breachsupply-chain

BerriAI LiteLLM contains a SQL injection vulnerability enabling unauthorized database access and credential theft.

The SQL injection flaw in BerriAI LiteLLM allows attackers to read and modify data in the proxy's database, including credentials, creating a direct supply-chain risk for DIB organizations relying on the service. This vulnerability is actively exploited and poses a significant threat to data integrity and confidentiality, requiring immediate patching and vendor accountability.

Shame score — Active exploitation of a SQL injection vulnerability in a widely used AI proxy service indicates a critical security oversight that could lead to credential theft and data breaches.

Players implicated

BerriAI · vendorlitellm · product

Description

BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and the credentials it manages.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.