SQL Injection Vulnerability Found in LiteLLM Exposes Risk of Secret and Key Disclosure


Thursday, April 30, 2026

A critical vulnerability, CVE-2026-42208, in LiteLLM, an open-source gateway (proxy) for large language models (LLMs), is being actively exploited. The flaw is an unauthenticated SQL injection in the proxy's API key validation: the key value taken from the Authorization header reaches a database query in a way that lets an attacker inject SQL. By sending specially crafted Authorization headers to LiteLLM API endpoints, an attacker can run queries against the backend database without holding a valid key.

According to a report from Sysdig, exploitation attempts were observed within approximately 36 hours of the vulnerability being published in a public advisory database. Attackers were seen sending requests to the /chat/completions endpoint whose injection payloads probed the database structure and targeted the tables holding virtual API keys, upstream provider credentials, and environment variable configuration. This indicates that the attackers already understand LiteLLM's database schema and are going directly for secrets. However, there is currently no confirmed evidence that stolen keys have been used or that any system has been fully breached.

The vulnerability is fixed in LiteLLM version 1.83.7; affected versions range from 1.81.16 up to (but not including) 1.83.7. Organizations running LiteLLM should upgrade to 1.83.7 or later immediately and review historical logs for suspicious requests, particularly those carrying abnormal Authorization headers. Because the payload travels in the Authorization header, only logs that actually recorded that header (for example, at a reverse proxy or WAF configured to do so) can show an attempt; the proxy's default access logs usually will not. If the instance was exposed to the internet while running a vulnerable version, treat the database contents as potentially disclosed and rotate the virtual API keys, the upstream provider credentials, and any other secrets stored in the database, since those are exactly the tables the observed probing targeted.
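The two checks above (am I on an affected version, and did anyone send injection-shaped Authorization headers) can be scripted. The following is an added example for this page, not code from the article, from Sysdig, or from the LiteLLM project. It assumes a JSON-lines log in which a reverse proxy recorded the `authorization` header (the log records here are constructed for the demo) and assumes LiteLLM virtual keys are shaped `sk-` followed by URL-safe characters; anything that does not fit that shape or that contains SQL metacharacters is flagged.

```python
import json
import re
from urllib.parse import unquote

# Affected range from the advisory: 1.81.16 <= version < 1.83.7
AFFECTED_MIN = (1, 81, 16)
FIXED = (1, 83, 7)


def parse_version(v):
    """Turn '1.83.7' or 'v1.82.0' into a comparable (major, minor, patch) tuple."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", v.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable(version):
    """True if the given LiteLLM version falls inside the affected range."""
    return AFFECTED_MIN <= parse_version(version) < FIXED


# Assumed shape of a legitimate LiteLLM virtual key: 'sk-' plus URL-safe characters.
EXPECTED_TOKEN = re.compile(r"^Bearer sk-[A-Za-z0-9_-]{8,}$")

# Generic SQL injection indicators; not payloads specific to this CVE.
SQLI_HINTS = re.compile(
    r"('|--|/\*|\*/|;|\bUNION\b|\bSELECT\b|\bOR\b\s+\d+\s*=\s*\d+"
    r"|\bpg_sleep\b|\binformation_schema\b)",
    re.IGNORECASE,
)


def suspicious_auth_header(value):
    """Return a short reason if the header looks like an injection attempt, else None.

    The value is percent-decoded first so URL-encoded quotes and keywords are caught.
    """
    decoded = unquote(value)
    if EXPECTED_TOKEN.match(decoded):
        return None
    m = SQLI_HINTS.search(decoded)
    if m:
        return f"sql-metacharacter:{m.group(0)}"
    return "unexpected-token-format"


def scan_log(lines):
    """Scan JSON-lines access log records; return one finding per suspicious header."""
    hits = []
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # non-JSON noise is ignored
        auth = rec.get("authorization")
        if not auth:
            continue
        reason = suspicious_auth_header(auth)
        if reason:
            hits.append({
                "ts": rec.get("ts"),
                "src": rec.get("src"),
                "path": rec.get("path"),
                "reason": reason,
            })
    return hits


# Constructed sample records (not real traffic): one clean key, two injection-shaped headers,
# one request without an Authorization header, plus one non-JSON line.
SAMPLE_RECORDS = [
    {"ts": "2026-04-29T10:00:01Z", "src": "10.0.0.5", "path": "/chat/completions",
     "authorization": "Bearer sk-Zl9pQ2mX7vR4tB1n"},
    {"ts": "2026-04-29T10:02:14Z", "src": "203.0.113.7", "path": "/chat/completions",
     "authorization": "Bearer sk-' OR 1=1 --"},
    {"ts": "2026-04-29T10:02:15Z", "src": "203.0.113.7", "path": "/chat/completions",
     "authorization": "Bearer sk-%27%20UNION%20SELECT%20NULL--"},
    {"ts": "2026-04-29T10:03:00Z", "src": "10.0.0.9", "path": "/health"},
]
SAMPLE_LOG = [json.dumps(r) for r in SAMPLE_RECORDS] + ["not json at all"]


if __name__ == "__main__":
    for v in ("1.81.15", "1.81.16", "1.83.6", "1.83.7"):
        print(v, "vulnerable" if is_vulnerable(v) else "not affected")
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

The format check is deliberately strict: a header that is not an injection attempt but also is not a well-formed key still gets reported as `unexpected-token-format`, which is the right default during an investigation. Note that capturing Authorization headers in logs exposes live keys to anyone who can read those logs, so if you enable such logging for this review, restrict access to it and rotate the keys afterwards anyway.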

Source https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-a-critical-litellm-pre-auth-sqli-flaw/