LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
Summary
A critical SQL injection vulnerability (CVE-2026-42208) in the LiteLLM Python package was being actively exploited in the wild less than 36 hours after its public disclosure. The flaw lets an attacker modify the contents of the database that an affected LiteLLM deployment uses.
IFF Assessment
Exploitation within 36 hours of disclosure leaves almost no patching window. Any deployment still running an affected LiteLLM version should be treated as at significant risk until it is updated.
Severity
A CVSS score of 9.3 falls in the critical band (9.0 and above). Given the vulnerability class, the score most likely reflects a high impact on confidentiality, integrity and availability combined with straightforward exploitation: SQL injection typically needs nothing more than crafted input reaching the vulnerable query.
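The advisory does not describe the injection point, so the following is a generic illustration added here, not LiteLLM's code and not the actual CVE-2026-42208 bug. It shows why an injectable query is an integrity problem even when the attacker never sees the results: a caller-controlled value pasted into the WHERE clause of an UPDATE lets an injected `' OR '1'='1` rewrite the predicate so every row is changed, while the parameterized version treats the same input as data and matches nothing. The table, rows and payload are constructed for the example.

```python
import sqlite3

# Constructed sample data for illustration only (not LiteLLM's schema).
SAMPLE_ROWS = [
    ("key-alice", "alice", 100.0),
    ("key-bob", "bob", 50.0),
]


def make_db():
    """Build an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE api_keys (token TEXT PRIMARY KEY, owner TEXT, budget REAL)"
    )
    conn.executemany("INSERT INTO api_keys VALUES (?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def set_budget_vulnerable(conn, token, budget):
    """Hypothetical vulnerable pattern: the token is interpolated into the SQL text.

    An injected quote in `token` lets the attacker rewrite the WHERE predicate.
    sqlite3.execute() refuses stacked statements, so this shows predicate
    tampering rather than appending a second statement.
    """
    sql = f"UPDATE api_keys SET budget = {float(budget)} WHERE token = '{token}'"
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount  # number of rows actually modified


def set_budget_safe(conn, token, budget):
    """Hardened form: the token is bound as a parameter, never parsed as SQL."""
    cur = conn.execute(
        "UPDATE api_keys SET budget = ? WHERE token = ?", (float(budget), token)
    )
    conn.commit()
    return cur.rowcount


def budgets(conn):
    """Return {token: budget} so the effect of each update can be compared."""
    return dict(conn.execute("SELECT token, budget FROM api_keys ORDER BY token"))


def demo():
    """Run the same constructed payload through both versions.

    Returns (rows changed by vulnerable, its table, rows changed by safe, its table).
    """
    payload = "key-bob' OR '1'='1"  # constructed injection payload

    vuln = make_db()
    n_vuln = set_budget_vulnerable(vuln, payload, 999999)

    safe = make_db()
    n_safe = set_budget_safe(safe, payload, 999999)

    return n_vuln, budgets(vuln), n_safe, budgets(safe)


if __name__ == "__main__":
    print(demo())
```

With the vulnerable function the rewritten predicate `token = 'key-bob' OR '1'='1'` is true for every row, so both budgets are overwritten and the caller sees a rowcount of 2. The parameterized function looks for a literal token containing the quote and OR clause, finds no such row, and changes nothing. The same reasoning applies to any statement that builds SQL from request data, which is why a single injectable query scores so highly on integrity.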
Defender Context
This incident highlights the importance of rapid patch deployment for critical vulnerabilities, especially in widely used libraries like LiteLLM. Defenders should update to a patched LiteLLM release as soon as possible, monitor for indicators of compromise associated with this CVE and, because the flaw permits database modification, review the database behind any affected deployment for unexpected changes made since disclosure.