Critical SQL Injection Vulnerability in LiteLLM AI Gateway Exploited in the Wild

DEV Community·BeyondMachines·about 1 month ago

Summary

LiteLLM patched a critical pre-authentication SQL injection vulnerability (CVE-2026-42208) that allows attackers to steal cloud provider credentials and master API keys. The flaw was exploited in the wild within 36 hours of disclosure, targeting sensitive database tables used for AI gateway management.
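The summary does not say where in LiteLLM the injection sits, so the example below does not reproduce CVE-2026-42208 or any LiteLLM code. It is an added, self-contained illustration of the vulnerability class the advisory describes: an unauthenticated request parameter concatenated into a query against a gateway's key-management tables, shown beside the parameterized fix. The schema, table and column names, the lookup functions and the payload strings are all constructed for this demo.

```python
"""Pre-authentication SQL injection against gateway key tables, vulnerable vs. fixed.

Added illustration only: not LiteLLM's code and not the actual CVE-2026-42208
injection point. Table layout, column names and the lookup functions are
constructed for this demo.
"""
import sqlite3


def build_db() -> sqlite3.Connection:
    # Constructed sample schema standing in for the kind of AI-gateway
    # management tables the advisory mentions: virtual API keys and the
    # upstream provider credentials the gateway holds on users' behalf.
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE virtual_keys (token TEXT PRIMARY KEY, team TEXT, is_master INTEGER);
        CREATE TABLE provider_credentials (provider TEXT, secret TEXT);
        INSERT INTO virtual_keys VALUES ('sk-team-a-1111', 'team-a', 0);
        INSERT INTO virtual_keys VALUES ('sk-master-9999', 'admin', 1);
        INSERT INTO provider_credentials VALUES ('openai', 'sk-openai-demo');
        INSERT INTO provider_credentials VALUES ('aws_bedrock', 'AKIA-demo');
        """
    )
    return conn


def lookup_team_vulnerable(conn: sqlite3.Connection, team: str) -> list:
    # `team` comes straight from an unauthenticated request. String formatting
    # pastes it into the SQL text, so a crafted value rewrites the statement:
    # the is_master filter and the table being read are both attacker-controlled.
    sql = f"SELECT token FROM virtual_keys WHERE team = '{team}' AND is_master = 0"
    return conn.execute(sql).fetchall()


def lookup_team_fixed(conn: sqlite3.Connection, team: str) -> list:
    # Parameter binding: the driver passes the value separately from the SQL
    # text, so no value can change the statement's structure. The same payload
    # is simply compared, as a literal string, against the team column.
    sql = "SELECT token FROM virtual_keys WHERE team = ? AND is_master = 0"
    return conn.execute(sql, (team,)).fetchall()


# Constructed attacker inputs. The first closes the string literal, UNIONs in
# the provider-credentials table and comments out the rest of the WHERE clause;
# the second flips the filter to return the master key instead of a team key.
PAYLOAD_DUMP_SECRETS = "x' UNION SELECT secret FROM provider_credentials --"
PAYLOAD_MASTER_KEY = "x' OR is_master = 1 --"


def demo() -> dict:
    """Run both lookups with the constructed payloads and return the results."""
    conn = build_db()
    return {
        # Vulnerable path: provider secrets and the master key leak pre-auth.
        "vuln_secrets": sorted(lookup_team_vulnerable(conn, PAYLOAD_DUMP_SECRETS)),
        "vuln_master": lookup_team_vulnerable(conn, PAYLOAD_MASTER_KEY),
        # Fixed path: the payloads match no team, a real team still resolves.
        "fixed_secrets": lookup_team_fixed(conn, PAYLOAD_DUMP_SECRETS),
        "fixed_master": lookup_team_fixed(conn, PAYLOAD_MASTER_KEY),
        "fixed_legit": lookup_team_fixed(conn, "team-a"),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The point for a gateway operator is the blast radius, not the query itself: a single pre-auth string that reaches the key table yields every virtual key and every upstream provider credential in one round trip, which is why the advisory's response is to rotate all of them rather than to look for evidence of individual misuse.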

Take Action:

If you run LiteLLM, update to version 1.83.7 immediately to patch CVE-2026-42208, and isolate the proxy from the internet so that it is reachable only from trusted networks. Assume any internet-exposed instance has already been compromised: rotate all virtual API keys and provider credentials (OpenAI, Anthropic, AWS Bedrock) right away.


Read the full article on BeyondMachines


This article was originally published on BeyondMachines
