Security · 4h ago
CVE-2026-42271: LiteLLM RCE Flaw Under Active Exploitation
A critical command-injection vulnerability (CVSS 8.8) in LiteLLM, a popular open-source AI gateway, allows authenticated remote code execution via MCP-server preview endpoints. CISA added it to the Known Exploited Vulnerabilities catalog on June 9, confirming active exploitation. The flaw can be chained with a Starlette host-header bypass for unauthenticated RCE.
Meridian48 take
LiteLLM's ubiquity in AI stacks makes this more than a single CVE—it's a systemic risk for any team using MCP-based tool integrations without strict input validation.
Read the full reporting
CVE-2026-42271: How a Popular AI Gateway Became an RCE Vector — And What to Audit in Your Stack →
DEV Community
litellmrce-vulnerability