Llm-Security

vulnerabilities 2026-04-30
LiteLLM CVE-2026-42208: Pre-Auth SQLi in the AI Gateway, Exploited 36 Hours After Disclosure
A pre-authentication SQL injection in LiteLLM's auth path (CVSS 9.3) lets an unauthenticated attacker read and modify the proxy database — including upstream OpenAI and Anthropic API keys. First exploitation hit 36 hours after the advisory.
litellm ai-gateway sql-injection CVE-2026-42208 llm-security credential-theft

LiteLLM CVE-2026-42208: Pre-Auth SQLi in the AI Gateway, Exploited 36 Hours After Disclosure