| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2026-42208 |
critical |
9.8 |
10.0 |
20d ago |
LiteLLM has SQL Injection in Proxy API key verification |
|
| CVE-2026-42271 |
high |
8.8 |
8.8 |
20d ago |
LiteLLM: Authenticated command execution via MCP stdio test endpoints |
|
| CVE-2026-42203 |
high |
8.8 |
8.8 |
20d ago |
LiteLLM: Server-Side Template Injection in /prompts/test endpoint |
|
| CVE-2026-40217 |
high |
8.8 |
8.8 |
2mo ago |
LiteLLM has a sandbox escape in custom-code guardrail |
|
| CVE-2026-35029 |
high |
8.8 |
8.8 |
2mo ago |
LiteLLM: Privilege escalation via unrestricted proxy configuration endpoint |
|