BREAKING SECURITY ALERT - CISA KEV CATALOG UPDATE: ACTIVE EXPLOITATION CONFIRMED

BLUF: CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog based on confirmed active exploitation. One is a Command Injection flaw in BerriAI LiteLLM (CVE-2026-42271). Organizations using affected products must treat patching as an urgent priority.


DETAILS

  • CISA confirmed active exploitation of at least two vulnerabilities and added them to the KEV Catalog; federal agencies are legally required to remediate KEV-listed vulnerabilities within mandated timeframes under BOD 22-01.
  • CVE-2026-42271 is identified as a Command Injection vulnerability in BerriAI LiteLLM, an open-source LLM proxy/gateway widely used to route requests across multiple AI model providers. Command injection flaws can allow unauthenticated or authenticated attackers to execute arbitrary system commands on the host.
  • The second vulnerability has not been fully identified in available source data. Its CVE identifier, affected product, and exploitation details are unconfirmed at this time; this alert will be updated when additional information is available.
  • LiteLLM is commonly deployed in enterprise AI infrastructure, developer environments, and cloud-native pipelines, increasing the potential blast radius of exploitation.
  • No specific threat actor attribution for active exploitation has been confirmed in available reporting.

IMPACT

  • Directly affected: Organizations running BerriAI LiteLLM in any environment, particularly those exposing the proxy to external networks or shared infrastructure.
  • Broader risk context: Active exploitation of AI infrastructure tooling aligns with a documented trend of threat actors targeting AI/ML pipeline components. Related reporting indicates AI-adjacent platforms are increasingly being leveraged for cryptojacking, credential theft, and lateral movement.
  • Scope of second vulnerability: Unknown pending full CISA disclosure; treat as potentially high severity until confirmed otherwise.

RECOMMENDED ACTIONS

  1. Immediately audit all deployments of BerriAI LiteLLM across your environment, including containerized and cloud-hosted instances.
  2. Apply available patches or mitigations per vendor guidance; check BerriAI’s GitHub and security advisories for CVE-2026-42271 remediation steps.
  3. Restrict network exposure of LiteLLM proxy endpoints; do not expose admin interfaces to the public internet.
  4. Federal agencies: Remediate per BOD 22-01 mandated timelines. Verify second KEV entry via CISA catalog directly.
  5. Monitor for anomalous command execution, unexpected outbound connections, or privilege escalation activity on hosts running LiteLLM.
  6. Check CISA KEV Catalog directly at cisa.gov/known-exploited-vulnerabilities-catalog for the confirmed second CVE entry.
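
The catalog check in steps 4 and 6, as an added example that is not part of the original alert: it reads a KEV feed in the JSON layout CISA publishes, lists other CVEs added on the same day as CVE-2026-42271, and reports days remaining to the due date for inventoried products. The feed content, dates and CVE-0000-* IDs are constructed placeholders, and the function names are assumptions.

```python
import json
from datetime import date

# Constructed sample in the layout of CISA's KEV JSON feed. The dates and the
# CVE-0000-* entries are invented placeholders, not real catalog data.
SAMPLE_FEED = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2026-42271", "vendorProject": "BerriAI", "product": "LiteLLM",
     "dateAdded": "2026-01-10", "dueDate": "2026-01-31"},
    {"cveID": "CVE-0000-00001", "vendorProject": "ExampleVendor",
     "product": "ExampleProduct", "dateAdded": "2026-01-10", "dueDate": "2026-01-31"},
    {"cveID": "CVE-0000-00002", "vendorProject": "OtherVendor",
     "product": "OtherProduct", "dateAdded": "2025-11-03", "dueDate": "2025-11-24"},
]})

def load_entries(feed_text):
    """Index KEV entries by CVE ID, skipping records without one."""
    vulns = json.loads(feed_text).get("vulnerabilities", [])
    return {v["cveID"]: v for v in vulns if "cveID" in v}

def same_day_additions(entries, known_cve):
    """Other CVEs sharing known_cve's dateAdded (candidates for the second entry)."""
    known = entries.get(known_cve)
    if known is None:
        return []  # known CVE is not in this copy of the catalog
    return sorted(cve for cve, v in entries.items()
                  if cve != known_cve and v.get("dateAdded") == known["dateAdded"])

def inventory_hits(entries, inventory, today):
    """Match (vendor, product) pairs case-insensitively; return (CVE, days to dueDate)."""
    wanted = {(vendor.lower(), product.lower()) for vendor, product in inventory}
    hits = []
    for cve, v in entries.items():
        key = (v.get("vendorProject", "").lower(), v.get("product", "").lower())
        if key in wanted:
            days_left = (date.fromisoformat(v["dueDate"]) - today).days
            hits.append((cve, days_left))  # negative means the deadline has passed
    return sorted(hits)

if __name__ == "__main__":
    kev = load_entries(SAMPLE_FEED)
    print(same_day_additions(kev, "CVE-2026-42271"))
    print(inventory_hits(kev, [("berriai", "litellm")], date(2026, 1, 20)))
```

To run it against real data, pass the text of the JSON feed downloaded from the catalog page to `load_entries` in place of `SAMPLE_FEED`.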

SOURCES

  • CISA Known Exploited Vulnerabilities Catalog - cisa.gov/known-exploited-vulnerabilities-catalog
  • CVE Record: CVE-2026-42271 - cve.org
  • CISA Current Activity Advisory (direct trigger)

⚠️ UNCERTAINTY FLAG: The second KEV entry was truncated in source data. Details on that CVE, including affected vendor, product, and severity, are unconfirmed. Do not assume low risk. Verify immediately via CISA’s official catalog.