## Overview
LiteLLM, a proxy server for calling LLM APIs, has a serious vulnerability identified as CVE-2026-42208. This flaw affects versions 1.81.16 to 1.83.6. An exploit has been weaponized, allowing unauthenticated attackers to gain unauthorized access to sensitive data.
## Technical Details
The vulnerability arises from a database query that improperly mixes caller-supplied API keys into the query text. Instead of treating the key as a separate parameter, the system incorporates it directly into the query. This oversight allows attackers to craft a malicious Authorization header. When sent to any LLM API route, such as POST /chat/completions, the query can be reached through the proxy's error-handling path. This flaw can lead to unauthorized reading and potentially modification of data within the proxy's database.
## Impact
An attacker exploiting this vulnerability could gain access to the proxy's database, compromising the credentials it manages. The CVSS score of 9.3 indicates a critical risk level, highlighting the potential for significant damage if the exploit is successful. Organizations using affected versions of LiteLLM are at risk of data breaches and unauthorized access.
## Mitigation
Defenders should immediately upgrade to LiteLLM version 1.83.7, where this vulnerability has been patched. Regularly monitor systems for any unauthorized access attempts and review logs for suspicious activity. Implement additional security measures, such as rate limiting and enhanced logging, to further protect against potential exploits.
CSURFACE Threat Sensor