CVE-2026-40217: Remote Code Execution via Sandbox Escape in LiteLLM

DEV Community·CVE Reports·22 days ago

Vulnerability ID: CVE-2026-40217
CVSS Score: 8.8
Published: 2026-05-11

LiteLLM, an open-source LLM proxy, contains a critical sandbox escape vulnerability in its guardrail testing endpoint. An authenticated attacker can bypass regex-based source-code filtering by leveraging Python object hierarchy traversal and runtime bytecode manipulation, leading to arbitrary code execution as the process owner.

TL;DR

An authenticated RCE vulnerability exists in LiteLLM's /guardrails/test_custom_code endpoint. The custom Python sandbox relies on flawed regex filtering, allowing attackers to rewrite function bytecode and access restricted built-ins to execute system commands.…
