LiteLLM Security Update Advisory (CVE-2026-42271)
- An arbitrary command execution vulnerability (CVE-2026-42271) has been identified in LiteLLM.
- affected Versions of LiteLLM are 1.74.2 and above and 1.83.7 and below.
- the vulnerability is reportedly related to authenticated command execution via MCP stdio test endpoints.
- resolved versions are LiteLLM 1.83.7 and later.
- users of affected products should follow the instructions on the reference site to update to the latest version of the Vulnerability Patch.