2026-06-14·LITELLM·security risk
highdown


signal brief

On June 8, 2026, CISA added BerriAI LiteLLM CVE-2026-42271 to its Known Exploited Vulnerabilities (KEV) catalog (Source 2). The high-severity command injection flaw lets any authenticated user, including holders of low-privilege API keys, execute arbitrary commands on the host. The KEV entry sets a remediation due date of June 22 (the deadline that binds federal civilian agencies under BOD 22-01; for everyone else, KEV listing is confirmation that the flaw is being exploited in the wild) and references a GitHub security advisory and the fix in v1.83.7-stable.

LiteLLM markets itself as an AI gateway providing model access, fallbacks, and spend tracking across 100+ LLMs, with enterprise features and SLAs (Source 1), and reports high usage metrics (e.g., millions of container pulls). Because the gateway mediates access to those upstream models for every downstream caller, a host-level compromise through it puts customer environments at serious risk and erodes trust, especially among enterprise adopters.

Notably, PyPI release data shows an unusually rapid release cadence from June 9 to 14 (Sources 3–15), with successive patch and minor versions (1.83.x, 1.84.x, 1.85.x), indicating the team is shipping fixes quickly. The cadence underscores the urgency of the vulnerability but also suggests instability for operators who have to pick a version to deploy. The incident may slow enterprise adoption and drive customer churn, so the short-term outlook for LiteLLM's developer ecosystem and market position is negative.
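The first check an operator wants after a KEV listing is whether the deployed LiteLLM is older than the fix version the brief cites (v1.83.7-stable) and, given the flurry of 1.83.x through 1.85.x releases, which of several candidate versions are on the safe side of that line. The script below is an added example, not code from LiteLLM or from this page's sources. It assumes that the GitHub tag v1.83.7-stable corresponds to 1.83.7 on PyPI (the "v" prefix and "-stable" suffix carrying no ordering information), and the inventory it triages is constructed, not real hosts.

```python
"""Added example (not LiteLLM's own code): triage installed or inventoried
LiteLLM versions against the fix version cited in the brief, v1.83.7-stable."""
import re
from importlib import metadata

# Fix version per the brief.  Assumption: the GitHub tag v1.83.7-stable maps
# to 1.83.7 on PyPI, i.e. the "v" prefix and "-stable" suffix add no ordering.
FIXED_VERSION = "1.83.7"

# release numbers, then an optional suffix such as -stable, rc1, a2, .post1
_VERSION_RE = re.compile(r"^v?(\d+(?:\.\d+)*)(?:[-.]?([A-Za-z]+)(\d*))?")
_PRERELEASE_TAGS = {"a", "b", "rc", "dev", "alpha", "beta"}


def parse_version(text: str) -> tuple:
    """Turn 'v1.83.7-stable', '1.83.7' or '1.84.0rc1' into a comparable tuple.

    Result is (release_numbers, final_flag, suffix_number).  Pre-releases get
    final_flag 0 so they sort before the final release of the same number:
    1.83.7rc1 < 1.83.7.  That matters here because a 1.83.7 pre-release
    cannot be assumed to carry the fix.  '-stable' and '.post' are treated
    as final.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in m.group(1).split(".")]
    nums += [0] * (3 - len(nums))            # 1.83 -> 1.83.0
    suffix = (m.group(2) or "").lower()
    suffix_num = int(m.group(3)) if m.group(3) else 0
    final_flag = 0 if suffix in _PRERELEASE_TAGS else 1
    return (tuple(nums), final_flag, suffix_num)


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when `installed` sorts strictly below the fix version."""
    return parse_version(installed) < parse_version(fixed)


def triage_installed(dist_name: str = "litellm") -> dict:
    """Check the distribution installed in this interpreter, if any."""
    try:
        ver = metadata.version(dist_name)
    except metadata.PackageNotFoundError:
        return {"installed": None, "affected": None, "status": "not installed"}
    affected = is_affected(ver)
    return {
        "installed": ver,
        "affected": affected,
        "status": f"UPGRADE to >= {FIXED_VERSION}" if affected else "patched",
    }


# Constructed inventory (hypothetical hosts) showing the version strings a
# fleet check actually meets: PyPI numbers, a GitHub-style tag, a pre-release.
SAMPLE_INVENTORY = """host,version
gateway-a,1.83.6
gateway-b,v1.83.7-stable
gateway-c,1.85.2
gateway-d,1.83.7rc1
"""


def triage_inventory(csv_text: str) -> list:
    """Return one {host, version, affected} record per inventory row."""
    rows = []
    for line in csv_text.strip().splitlines()[1:]:   # skip header
        host, ver = line.split(",", 1)
        rows.append({"host": host, "version": ver, "affected": is_affected(ver)})
    return rows


if __name__ == "__main__":
    print(triage_installed())
    for row in triage_inventory(SAMPLE_INVENTORY):
        print(row)
```

Run it inside the environment that serves the proxy (a container exec works) so `importlib.metadata` sees the real installed distribution; the inventory path is for the case where you only have version strings reported by a fleet tool. Anything the parser rejects is worth a manual look rather than a silent skip, which is why `parse_version` raises instead of guessing.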

evidence

Decision support, not stock advice. This signal is research with cited evidence — not a recommendation to buy, sell, or hold any security.