Package impact
PIP / litellm
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-42271 | high | 8.8 | 8.8 | 20d ago | LiteLLM: Authenticated command execution via MCP stdio test endpoints | |
| CVE-2026-42203 | high | 8.8 | 8.8 | 20d ago | LiteLLM: Server-Side Template Injection in /prompts/test endpoint | |
| CVE-2026-40217 | high | 8.8 | 8.8 | 2mo ago | LiteLLM has a sandbox escape in custom-code guardrail | |
| CVE-2026-35029 | high | 8.8 | 8.8 | 2mo ago | LiteLLM: Privilege escalation via unrestricted proxy configuration endpoint |