AI Gateway Flaw Exploited, Added to US List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical vulnerability in the widely-used BerriAI LiteLLM AI gateway to its catalog on June 9, 2026, citing active exploitation. This high-severity flaw allows attackers to run arbitrary commands on affected hosts, posing a significant threat to AI infrastructure security.

Tracked as CVE-2026-42271, the command injection vulnerability earned a CVSS score of 8.7. According to a description by BerriAI, two specific endpoints accepted unsafe configuration data that spawned subprocesses. Consequently, any user with a valid proxy API key could execute commands on the system.

The maintainers have since patched the issue in version 1.83.7. However, researchers at Horizon3.ai revealed the flaw can be combined with CVE-2026-48710, a host header validation bypass in the Starlette framework. This exploit chain, detailed last week, completely bypasses authentication for remote code execution.

Successful weaponization grants attackers extensive control over the compromised system. They could access stored credentials, siphon API keys, and move laterally into connected AI infrastructure. The combined CVSS score for this chained attack is a critical 10.0.

Mitigations include blocking the vulnerable endpoints at the network layer and rotating all proxy-stored credentials. Meanwhile, organizations must also review logs for unusual Host header activity. This incident follows another critical LiteLLM flaw, CVE-2026-42208, which was exploited within 36 hours of disclosure just over a month ago.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

• Micron Soars on AI Demand, Gets Bullish $1,500 Price Target
• Humanity Protocol Hacked: $30M Lost, Token Crashes 85%
• Tokenized Assets Shine Amid 2026 Crypto Slump
• Linux Kernel Flaw Lets Attackers Escalate to Root
• Bernstein: Bitcoin Looks Boring Amid AI Stock Frenzy, Still Eyes $150K