CISA Adds KEV Entry for BerriAI LiteLLM SQLi Risk Now
🔔 CISA added one vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog: CVE-2026-42208, a SQL injection affecting BerriAI LiteLLM. The agency cites evidence of active exploitation and notes that SQLi remains a common, high-risk vector. Under BOD 22-01, Federal Civilian Executive Branch agencies must remediate KEV-listed flaws by their due dates. CISA urges all organizations to prioritize timely remediation as part of routine vulnerability management.
