Summary

Vulnerability Name: LiteLLM SQL Injection (CVE-2026-42208)
Released on: April 29, 2026
Affected Component: LiteLLM
Affected Version: 1.81.16 ≤ LiteLLM < 1.83.7
Vulnerability Type: SQL injection
Exploitation Condition:
  1. User authentication: not required.
  2. Preconditions: default configurations.
  3. Trigger mode: remote.
Impact:
  Exploitation difficulty: easy. Unauthenticated attackers can exploit this vulnerability to perform SQL injection.
  Severity: critical. This vulnerability may result in information disclosure.
Official Solution: Available

About the Vulnerability

Component Introduction

LiteLLM is an AI tool designed to provide users with a unified API for accessing and managing over 100 large language model (LLM) services. It is mainly used to simplify the LLM integration process, help users track LLM usage, and set budgets and rate limits.

Vulnerability Description

On April 28, 2026, Sangfor FarSight Labs received notification of the SQL injection vulnerability in LiteLLM (CVE-2026-42208), classified as critical in threat level.

Specifically, LiteLLM contains an SQL injection vulnerability in its authentication process. Because the system does not filter or preprocess the authorization token in the Authorization header, attackers can craft a malicious token to inject SQL during the authentication phase. The vulnerability resides in the error logging mechanism triggered by authentication failures, and affects all API operations that invoke the authentication logic. This vulnerability enables attackers to perform database queries without valid credentials, which may lead to sensitive information disclosure or even remote system compromise.
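To make the described weakness concrete, the following is an added illustration (not LiteLLM's own code) of an auth-failure audit logger that records the presented bearer token: one version splices the token text into the SQL statement, the other passes it as a bound parameter. Table and function names are hypothetical, and SQLite stands in for the real database.

```python
import sqlite3

# Illustrative reconstruction of the bug class, not LiteLLM's code: an
# authentication-failure log that stores the token taken from the
# Authorization header. The two loggers differ only in how the token
# reaches the SQL statement.


def _connect() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE auth_errors (token TEXT, reason TEXT)")
    return conn


def log_auth_failure_unsafe(conn: sqlite3.Connection, token: str, reason: str) -> None:
    # Token text is spliced straight into the statement, so any quote
    # character in the header value changes the structure of the query.
    sql = f"INSERT INTO auth_errors (token, reason) VALUES ('{token}', '{reason}')"
    conn.execute(sql)


def log_auth_failure_safe(conn: sqlite3.Connection, token: str, reason: str) -> None:
    # Bound parameters keep the token as data whatever characters it holds.
    conn.execute(
        "INSERT INTO auth_errors (token, reason) VALUES (?, ?)", (token, reason)
    )


def stored_tokens(conn: sqlite3.Connection) -> list[str]:
    return [row[0] for row in conn.execute("SELECT token FROM auth_errors ORDER BY rowid")]


def demo(token: str) -> dict:
    """Run both loggers on the same header value and report what each stored."""
    result = {}
    conn = _connect()
    try:
        log_auth_failure_unsafe(conn, token, "invalid key")
        result["unsafe"] = stored_tokens(conn)
    except sqlite3.Error as exc:
        # A quote in the token already alters the statement; here it only
        # breaks it, which is the signal that the query shape is attacker-controlled.
        result["unsafe"] = f"query broken: {exc}"
    conn = _connect()
    log_auth_failure_safe(conn, token, "invalid key")
    result["safe"] = stored_tokens(conn)
    return result


if __name__ == "__main__":
    print(demo("sk-abc"))       # both loggers store the token verbatim
    print(demo("sk-o'neil"))    # unsafe logger fails, safe logger stores it as-is
```

The constructed token `sk-o'neil` contains nothing more than a single quote, yet it is enough to change the unsafe query's structure; the parameterized logger stores it unchanged.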

Affected Versions

The following LiteLLM versions are affected:

1.81.16 ≤ LiteLLM < 1.83.7

Solutions

Remediation Solutions

Official Solutions

The latest versions have been officially released to fix the vulnerability. Affected users are advised to update LiteLLM to 1.83.7 or later.

Download link:

https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable

Temporary Solutions

  1. Disable unused functional modules to reduce attack entry points.
  2. Follow the principle of least privilege to strictly control the scope of permissions for sensitive operations.
  3. Do not expose services to the Internet unless necessary, to limit the access sources to trusted ranges.
  4. Regularly update the system and components to secure versions so that known vulnerabilities can be patched at the earliest opportunity.

Sangfor Solutions

Proactive Vulnerability Detection

The following Sangfor services can proactively detect the CVE-2026-42208 vulnerability and quickly identify vulnerability risks in batches in business scenarios:

  • Athena Managed Detection and Response (MDR): The corresponding detection solution will be released on May 30, 2026. The rule ID is SF-2026-01016.
  • Athena Extended Detection and Response (XDR): The corresponding detection solution will be released on May 06, 2026. The rule ID is SF-2026-00905.

Vulnerability Monitoring

The following Sangfor services support CVE-2026-42208 vulnerability monitoring, and can quickly identify affected assets and the impact scope in business scenarios in real time through traffic collection:

  • Athena Network Detection and Response (NDR): The corresponding monitoring solution will be released on April 30, 2026. The rule ID is 11220503.
  • Athena MDR: The corresponding monitoring solution will be released on April 30, 2026. The rule ID is 11220503. In this case, make sure that Athena MDR is integrated with Athena NDR.
  • Athena XDR: The corresponding monitoring solution will be released on April 30, 2026. The rule ID is 11220503.
  • Sangfor Traffic Monitoring GPT: Sangfor Traffic Monitoring GPT can detect attacks and threats targeting this vulnerability based on its understanding of attacks and code, without the need to configure rules.

Vulnerability Prevention

The following Sangfor services can effectively block CVE-2026-42208 exploits:

  • Athena Next-Generation Firewall (NGFW): The corresponding prevention solution will be released on April 30, 2026. The rule ID is 11220503.
  • Sangfor Web Application Firewall (WAF): The corresponding prevention solution will be released on April 30, 2026. The rule ID is 11220503.
  • Athena MDR: The corresponding prevention solution will be released on April 30, 2026. The rule ID is 11220503. In this case, make sure that Athena MDR is integrated with Athena NGFW.
  • Athena XDR: The corresponding prevention solution will be released on April 30, 2026. The rule ID is 11220503. In this case, make sure that Athena XDR is integrated with Athena NGFW.

Timeline

On April 28, 2026, Sangfor FarSight Labs received notification of the SQL injection vulnerability in LiteLLM (CVE-2026-42208).

On April 29, 2026, Sangfor FarSight Labs released a vulnerability alert.

Reference

https://github.com/BerriAI/litellm/security/advisories/GHSA-r75f-5x8p-qvmc

Learn More

Sangfor FarSight Labs researches the latest cyber threats and unknown zero-day vulnerabilities, alerting customers to potential dangers to their organizations, and providing real-time solutions with actionable intelligence. Sangfor FarSight Labs works with other security vendors and the security community at large to identify and verify global cyber threats, providing fast and easy protection for customers.
