{"id":237613,"date":"2026-04-29T01:34:00","date_gmt":"2026-04-29T05:34:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/29\/litellm-cve-2026-42208-sql-injection-exploited-within-36-hours-of-disclosure\/"},"modified":"2026-04-30T17:50:08","modified_gmt":"2026-04-30T21:50:08","slug":"litellm-cve-2026-42208-sql-injection-exploited-within-36-hours-of-disclosure","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/29\/litellm-cve-2026-42208-sql-injection-exploited-within-36-hours-of-disclosure\/","title":{"rendered":"LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/04\/litellm-cve-2026-42208-sql-injection.html\">LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/04\/litellm-cve-2026-42208-sql-injection.html\">https:\/\/thehackernews.com\/2026\/04\/litellm-cve-2026-42208-sql-injection.html<\/a><\/p>\n<p>Publish Date: 2026-04-29 01:34:00<\/p>\n<p>Source Domain: thehackernews.com<\/p>\n<p><span class=\"p-author\"><span class=\"author\">Ravie Lakshmanan<\/span> <span class=\"author\">Apr 29, 2026<\/span><\/span><span class=\"p-tags\">Vulnerability \/ Cloud Security<\/span><\/p>\n<p>In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI&#8217;s LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge.<\/p>\n<p>The vulnerability, tracked as CVE-2026-42208 (CVSS score: 9.3), is an SQL injection that could be exploited to modify the underlying LiteLLM proxy database.<\/p>\n<p>&#8220;A database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it 
as a separate parameter,&#8221; LiteLLM maintainers said in an alert last week.<\/p>\n<p>&#8220;An unauthenticated attacker could send a specially crafted Authorization header to any LLM API route (for example, POST \/chat\/completions) and reach this query through the proxy&#8217;s error-handling path. An attacker could read data from the proxy&#8217;s database and may be able to modify it, leading to unauthorized access to the proxy and the credentials it manages.&#8221;<\/p>\n<p>The shortcoming affects the following versions &#8211;<\/p>\n<p>While the vulnerability was addressed in version 1.83.7-stable released on April 19, 2026, the first exploitation attempt was recorded on April 26 at 16:17 UTC, roughly 26 hours and seven minutes after the GitHub advisory was indexed in the global GitHub Advisory Database. The SQL injection activity, per Sysdig, originated from the IP address 65.111.27[.]132.<\/p>\n<p>&#8220;Malicious activity fell into two phases driven by the same operator across two adjacent egress IPs, followed by a brief unauthenticated probe of the key-management endpoints,&#8221; security researcher Michael Clark said.<\/p>\n<p>Specifically, the unknown threat actor is said to have targeted database tables like &#8220;litellm_credentials.credential_values&#8221; and &#8220;litellm_config&#8221; that hold information related to upstream large language model (LLM) provider keys and the proxy runtime environment. 
No probes were observed against tables like&#8230;<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/04\/litellm-cve-2026-42208-sql-injection.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure https:\/\/thehackernews.com\/2026\/04\/litellm-cve-2026-42208-sql-injection.html Publish Date: 2026-04-29 01:34:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":237614,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgev8o8oELGzruYVoLF6t_fn8gZnmWpTXq4Xgoq5n4Tc1H4qmyLdYJ53-8pGelRL4BrBtZqpCCsSgo_He2ItCULVwwPIgOHuN6S6zn5s9RYFASTpWxIoX8vlPmigRngBNb0ucFElbHxiz8uPWa2OkasjaBTQAG8hqeHqi_llW4WMI_gIZHjx23jm-O3ccQx\/s1600\/lite.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[18,17,34,27],"class_list":["post-237613","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-large-language-model","tag-llm","tag-threat-actor","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237613"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=237613"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237613\/revisions"}],"predecessor-version":[{"id":237615,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237613\/revisions\/237615"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\
/index.php\/wp-json\/wp\/v2\/media\/237614"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=237613"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=237613"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=237613"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}