CISA Adds Critical LiteLLM Vulnerability to Known Exploited Catalog, Mandates Federal Remediation by June 22
Summary
CISA has added CVE-2026-42271, a critical vulnerability affecting LiteLLM Model Context Protocol endpoints, to its Known Exploited Vulnerabilities catalog. Federal agencies must remediate by June 22 under Binding Operational Directive 22-01. The flaw can be chained with CVE-2026-48710 (a BadHost/Starlette authentication bypass) to enable unauthenticated remote code execution via forged host headers. CISA reports sustained targeting of AI gateway infrastructure, with repeated weaponization of LiteLLM flaws within a month. LiteLLM's gateway architecture exposes over 200 data connectors, making it a high-value entry point for lateral movement, data access, and persistence.
Key quotes
CISA added CVE-2026-42271 to its Known Exploited Vulnerabilities catalog on June 9, requiring federal agencies to remediate within 13 days.
Exploitation can chain with CVE-2026-48710, a BadHost/Starlette authentication bypass, to remove credential requirements.
Forged host headers accepted by the framework enable unauthenticated remote code execution for anyone reachable on the network.
CISA characterizes the activity as sustained targeting of AI gateway infrastructure, marking repeated weaponization of LiteLLM flaws within a month.
LiteLLM's gateway architecture exposes more than 200 data connectors, increasing its value as an entry point for lateral movement, data access, and persistence.
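Because the chain described above hinges on the framework accepting a forged Host header, the defender-side controls are (1) an exact-match Host allowlist enforced at the gateway edge and (2) a retrospective sweep of access logs for requests that carried an unexpected Host value. The Python below is an added example written for this page; it is not code from LiteLLM, Starlette or CISA, it does not reproduce or patch CVE-2026-48710 (whose mechanics are not on this page), and the hostnames, the ASGI wrapper and the key=value log format are constructed assumptions. Starlette ships a TrustedHostMiddleware for the same allowlisting purpose; upgrading to a fixed release remains the actual remediation.

```python
from urllib.parse import urlsplit

# Assumed deployment hostnames for the AI gateway (constructed for this example).
ALLOWED_HOSTS = frozenset({"llm-gateway.internal", "localhost"})


def hostname_of(host_header):
    """Return the bare, lowercased hostname from a Host header value, dropping any port
    (IPv6 literals included). None when the header is missing or unparseable."""
    if not host_header:
        return None
    try:
        hostname = urlsplit("//" + host_header.strip()).hostname
    except ValueError:
        return None
    return hostname.lower() if hostname else None


def host_is_trusted(host_header, allowed=ALLOWED_HOSTS):
    """Exact-match allowlist: no wildcards and no suffix matching, so a value such as
    'llm-gateway.internal.attacker.example' or 'llm-gateway.internal@evil' is rejected."""
    hostname = hostname_of(host_header)
    return hostname is not None and hostname in allowed


def asgi_host_guard(app, allowed=ALLOWED_HOSTS):
    """Wrap any ASGI app (hypothetical wrapper) so that HTTP requests with an untrusted
    Host header receive 400 before reaching routing or authentication code."""
    async def guard(scope, receive, send):
        if scope["type"] == "http":
            headers = {k.decode("latin-1").lower(): v.decode("latin-1")
                       for k, v in scope.get("headers", [])}
            if not host_is_trusted(headers.get("host"), allowed):
                await send({"type": "http.response.start", "status": 400,
                            "headers": [(b"content-type", b"text/plain")]})
                await send({"type": "http.response.body", "body": b"invalid host header"})
                return
        await app(scope, receive, send)
    return guard


# Constructed access-log lines (not from any real incident) in key=value form.
SAMPLE_LOG = """\
ts=2026-06-09T10:00:01Z host=llm-gateway.internal path=/v1/chat/completions status=200
ts=2026-06-09T10:00:02Z host=llm-gateway.internal:4000 path=/mcp status=200
ts=2026-06-09T10:00:03Z host=203.0.113.7 path=/mcp status=200
ts=2026-06-09T10:00:04Z host=llm-gateway.internal.attacker.example path=/mcp status=200
"""


def parse_log_line(line):
    """Split one key=value access-log line into a dict."""
    return dict(field.split("=", 1) for field in line.split())


def untrusted_host_requests(log_text, allowed=ALLOWED_HOSTS):
    """Return the log records whose Host header is outside the allowlist, for a
    retrospective hunt over gateway access logs after a KEV addition like this one."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        record = parse_log_line(line)
        if not host_is_trusted(record.get("host"), allowed):
            hits.append(record)
    return hits


if __name__ == "__main__":
    for record in untrusted_host_requests(SAMPLE_LOG):
        print("untrusted Host:", record["host"], "->", record["path"])
```

The allowlist is deliberately exact-match rather than suffix- or regex-based; most historical Host-header bypasses come from lenient matching, and a gateway only ever has a handful of legitimate names. Running the block prints the two constructed log records whose Host is neither of the allowlisted names.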