Security Risk Category
litellm Security Risks
Published vulnerability pages connected to litellm. One risk can appear in multiple categories while keeping one canonical page.
litellm risks
Showing 2 of 2 published risks.
criticalCISA KEVEPSS 0.802
BerriAI LiteLLM Command Injection Vulnerability
BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host.
CVE-2026-42271litellm
Updated Jul 9, 2026
criticalCISA KEVEPSS 0.866
BerriAI LiteLLM SQL Injection Vulnerability
BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and the credentials it manages.
CVE-2026-42208litellm
Updated Jul 9, 2026
