COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-42271

CVE-2026-42271

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-06-08
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-42271
⚡ RCE ⌖ exploited in the wild shame 85/100 rceexploited-in-wildsupply-chain

BerriAI LiteLLM allows authenticated users to execute arbitrary host commands via command injection.

This vulnerability enables low-privilege internal users to run arbitrary commands on the host, posing a severe risk to DIB organizations relying on BerriAI LiteLLM for secure AI workloads. The ability to execute arbitrary commands via command injection directly violates NIST 800-171 and CMMC requirements for system integrity and access control, potentially leading to data exfiltration or lateral movement. DIB vendors must immediately patch this vulnerability and audit all BerriAI LiteLLM deployments to prevent unauthorized command execution.

Shame score — A command injection vulnerability allowing arbitrary command execution via low-privilege authentication is a critical security failure that undermines system integrity and access control requirements.

Players implicated

BerriAI · vendorlitellm · product

Description

BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.