Skip to content
The Nexus
DossierENTITY

CVE-2026-42208

Coverage of CVE-2026-42208 in the Nexus archive.

Earliest in view: Apr 28 · 21:07 UTCMost recent: Apr 29 · 05:34 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYApr 29 · 05:34 UTCTHE HACKER NEWS
    LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

    A critical SQL injection vulnerability (CVE-2026-42208) in BerriAI's LiteLLM Python package was exploited in the wild within 36 hours of disclosure. The flaw, with a CVSS score of 9.3, allows attackers to modify underlying data through SQL injection attacks.

  • SECURITYApr 28 · 21:07 UTCBLEEPING COMPUTER
    Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

    Hackers are exploiting a critical pre-authentication SQL injection vulnerability (CVE-2026-42208) in the LiteLLM open-source LLM gateway to access sensitive information. The flaw allows attackers to bypass authentication and manipulate database queries, risking data exposure.

CVE-2026-42208 · Dossier · The Nexus