{"vulnerability": "CVE-2026-42208", "sightings": [{"uuid": "076d67e5-ff31-4203-8b91-bafa074d4bd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/techsentiments.com/post/3mkn4isdwtt2y", "content": "\u26a1 LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure\n\n#Cybersecurity #Security", "creation_timestamp": "2026-04-29T12:37:49.735417Z"}, {"uuid": "eb1f7ce7-888f-425b-ab18-5f5b7257f7b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mkkc2kw66e2u", "content": "", "creation_timestamp": "2026-04-28T09:39:14.991613Z"}, {"uuid": "ec502ac7-6db9-465c-8fb1-3cae574d1d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/116487650362829887", "content": "En las \u00faltimas 24 horas se detectaron vulnerabilidades cr\u00edticas que permiten ejecuci\u00f3n remota de c\u00f3digo en ProFTPD y GitHub Enterprise Server, y una r\u00e1pida explotaci\u00f3n de SQL Injection en LiteLLM compromete datos en la nube; adem\u00e1s, el ransomware VECT 2.0 destruye archivos irreversiblemente en m\u00faltiples sistemas, aumentando el riesgo. Descubre estos y m\u00e1s detalles en el siguiente listado de noticias sobre seguridad inform\u00e1tica:\n\ud83d\uddde\ufe0f \u00daLTIMAS NOTICIAS EN SEGURIDAD INFORM\u00c1TICA \ud83d\udd12====| \ud83d\udd25 LO QUE DEBES SABER HOY \ufeff\ufeff29/04/26\ufeff\ufeff  \ud83d\udcc6 |==== \n\ud83d\udd13 CVE-2026-42167 PERMITE EVITAR AUTENTICACI\u00d3N Y EJECUCI\u00d3N DE C\u00d3DIGO EN PROFTPD\nSe ha identificado una grave vulnerabilidad en ProFTPD, catalogada como CVE-2026-42167, que permite saltarse procesos de autenticaci\u00f3n, elevar privilegios y ejecutar c\u00f3digo arbitrario. Esta falla representa un riesgo significativo para servidores FTP que no est\u00e9n actualizados. Se recomienda aplicar la actualizaci\u00f3n que MITRE y los desarrolladores emitir\u00e1n pr\u00f3ximamente para mitigar posibles ataques. Mantente alerta y protege tus sistemas. Descubre todos los detalles sobre esta vulnerabilidad y c\u00f3mo protegerte aqu\u00ed \ud83d\udc49 https://djar.co/tWdN\n\ud83d\udcbb VULNERABILIDAD CR\u00cdTICA RCE EN GITHUB ENTERPRISE SERVER CVE-2026-3854\nGitHub Enterprise Server enfrenta una vulnerabilidad con un puntaje CVSS de 8.7 que permite la ejecuci\u00f3n remota de c\u00f3digo, poniendo en riesgo repositorios y datos sensibles de las organizaciones. Esta amenaza impacta directamente en la integridad y la seguridad de los entornos corporativos que utilizan esta plataforma. La actualizaci\u00f3n inmediata es vital para evitar compromisos graves. Analiza a fondo la vulnerabilidad y las versiones afectadas para tomar acci\u00f3n r\u00e1pida. M\u00e1s informaci\u00f3n y recomendaciones aqu\u00ed \ud83d\udc49 https://djar.co/lWbCh\n\u26a0\ufe0f EXPLOTACI\u00d3N R\u00c1PIDA DE SQL INJECTION EN LITELLM CVE-2026-42208\nEn un caso alarmante, la vulnerabilidad SQL Injection CVE-2026-42208 en LiteLLM fue aprovechada en menos de 36 horas tras su divulgaci\u00f3n, comprometiendo credenciales y poniendo en riesgo cuentas en la nube. Esto evidencia la necesidad de implementar medidas proactivas y monitorear activamente los sistemas contra ataques tempranos. Revisa c\u00f3mo se desarroll\u00f3 este incidente y las mejores pr\u00e1cticas para proteger tus datos en la nube. Ent\u00e9rate aqu\u00ed \ud83d\udc49 https://djar.co/LQrNO4\n\ud83d\udee1\ufe0f VECT: RANSOMWARE COMO SERVICIO Y SU IMPACTO EN LA CADENA DE SUMINISTRO\nEl ransomware VECT, surgido en diciembre de 2025, se distingue por operar bajo modelo Ransomware-as-a-Service, causando estragos en varias cadenas de suministro. Su capacidad para expandirse y ejecutar ataques destructivos torna esencial entender su funcionamiento para anticipar y mitigar riesgos. La investigaci\u00f3n de Check Point revela sus t\u00e1cticas y evoluci\u00f3n, informaci\u00f3n clave para defensores de la ciberseguridad. Explora el an\u00e1lisis completo sobre VECT y su impacto aqu\u00ed \ud83d\udc49 https://djar.co/O8ko\n\ud83d\udca5 VECT 2.0 DESTRUYE IRREVERSIBLEMENTE ARCHIVOS EN WINDOWS, LINUX Y ESXI\nLa actualizaci\u00f3n 2.0 del ransomware VECT introduce un fallo en la gesti\u00f3n del nonce que provoca la destrucci\u00f3n permanente de archivos mayores a 131KB, haciendo in\u00fatiles los pagos de rescate y complicando las opciones de recuperaci\u00f3n. Afecta m\u00faltiples sistemas operativos, aumentando la gravedad de los ataques. Comprender esta nueva versi\u00f3n es vital para fortalecer las estrategias de defensa y respuesta ante incidentes. Conoce m\u00e1s sobre esta amenaza cr\u00edtica y c\u00f3mo proteger tus datos aqu\u00ed \ud83d\udc49 https://djar.co/pYoGQk\n\ud83c\udfaf CLASE VIRTUAL AVANZADA: DETECCI\u00d3N Y PREVENCI\u00d3N DE MALWARE - CQURE ACADEMY\nEspecialistas en ciberseguridad tienen la oportunidad de profundizar en t\u00e9cnicas avanzadas de b\u00fasqueda y prevenci\u00f3n de malware a trav\u00e9s de esta clase magistral en vivo. La formaci\u00f3n incluye m\u00e9todos pr\u00e1cticos y te\u00f3ricos para identificar amenazas complejas y fortalecer la postura defensiva de las organizaciones frente a ataques sofisticados. No pierdas la oportunidad de actualizar tus habilidades y conocimientos. Inscr\u00edbete y accede al curso aqu\u00ed \ud83d\udc49 https://djar.co/RYH0\n\ud83d\udcda GU\u00cdA PARA AUTORES EN CIBERSEGURIDAD - THE HACKER RECIPES\nEsta gu\u00eda es ideal para profesionales interesados en escribir sobre hacking \u00e9tico, pruebas de penetraci\u00f3n y ciberseguridad. Ofrece estrategias claras para estructurar contenido t\u00e9cnico y did\u00e1ctico, facilitando la comunicaci\u00f3n efectiva de conocimientos complejos. Una herramienta valiosa para quienes desean contribuir al ecosistema de la seguridad inform\u00e1tica con contenidos de calidad. Descubre c\u00f3mo mejorar tus publicaciones y aportar valor aqu\u00ed \ud83d\udc49 https://djar.co/u2Dz", "creation_timestamp": "2026-04-29T11:01:26.045242Z"}, {"uuid": "3eeeb16f-67fc-444f-b50c-990c665386a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mkjt6gwxzm25", "content": "", "creation_timestamp": "2026-04-28T05:12:59.423734Z"}, {"uuid": "921f615f-69cc-4ba7-bd4e-b6f8b09bbe26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116487713806271465", "content": "\ud83d\uded1 LiteLLM CVE-2026-42208 exploited in ~36 hours.\nA pre-auth SQL injection exposed credential tables with LLM and cloud keys\u2014turning a simple flaw into account-level risk.\nNo PoC needed; advisory and schema were enough.\n\ud83d\udd17 Read details \u2192 https://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html", "creation_timestamp": "2026-04-29T11:17:33.762239Z"}, {"uuid": "99292618-082e-4700-921a-149083fe5d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/softfantw.eurosky.social/post/3mkmgx4etk22f", "content": "", "creation_timestamp": "2026-04-29T06:12:31.887823Z"}, {"uuid": "bfa56b6f-9ba2-477f-85bb-638f015db938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html", "content": "", "creation_timestamp": "2026-04-29T03:34:00.000000Z"}, {"uuid": "91f56084-5662-405a-8232-b8a037b0c7a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mkmhd5jcw22j", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure", "creation_timestamp": "2026-04-29T06:18:51.021346Z"}, {"uuid": "7a7a86f0-ac9a-4217-bbfd-ae1136df8fae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mkmhmo4k7ac2", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical secur...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-04-29T06:24:15.825361Z"}, {"uuid": "00ba5f4a-2da1-441b-aa51-3afb23050dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3mkmjpkdk5p27", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure", "creation_timestamp": "2026-04-29T07:01:35.038199Z"}, {"uuid": "6c46459d-217e-4c85-9def-8ca366db5bea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mklibcofrl2b", "content": "", "creation_timestamp": "2026-04-28T21:03:03.580777Z"}, {"uuid": "cd43cadd-d294-41a6-a13f-eca930941683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://bsky.app/profile/montxt.bsky.social/post/3mkmiwxzcq32r", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure  https://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html", "creation_timestamp": "2026-04-29T06:47:50.588786Z"}, {"uuid": "0df99f56-5441-453b-a4f8-fc406c7e69da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/LLMs.activitypub.awakari.com.ap.brid.gy/post/3mkmqhsztzmc2", "content": "LiteLLM Proxy Gateway Under Active SQLi Exploitation Threat actors are exploiting CVE-2026-42208, a critical pre-authentication SQL injection flaw in LiteLLM, a widely-used open-source gateway for ...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-04-29T09:03:38.876536Z"}, {"uuid": "a57d6531-fa54-49d3-9789-09ea123fec25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3mklijlrdsm2r", "content": "", "creation_timestamp": "2026-04-28T21:07:41.167050Z"}, {"uuid": "9bb97844-2e03-4bd2-a952-5859092c58e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "exploited", "source": "https://t.me/BleepingComputer/24560", "content": "\u200aHackers are exploiting a critical LiteLLM pre-auth SQLi flaw\n\nHackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability \u00a0tracked as CVE-2026-42208. [...]\n\nhttps://www.bleepingcomputer.com/news/security/hackers-are-exploiting-a-critical-litellm-pre-auth-sqli-flaw/", "creation_timestamp": "2026-04-28T21:31:47.000000Z"}, {"uuid": "b74583d9-8357-416e-a21a-5d4fc448e90a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://gist.github.com/stone776/d21f8650832be0a568274b5309740666", "content": "", "creation_timestamp": "2026-04-28T16:43:02.000000Z"}, {"uuid": "8a499229-93b7-45db-be09-a935eb319300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://gist.github.com/stone776/352084b56e7483a447a98ea4be839686", "content": "", "creation_timestamp": "2026-04-29T08:29:26.000000Z"}, {"uuid": "ced0b69c-3fe4-40c7-8110-847bd45ec214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://bsky.app/profile/hexonbot.bsky.social/post/3mkljwn54jm2x", "content": "", "creation_timestamp": "2026-04-28T21:32:52.508025Z"}, {"uuid": "4872440e-c780-421c-b680-7582638deb11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/it4intserver.bsky.social/post/3mkmnmvcsoo2r", "content": "iT4iNT SERVER LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure VDS VPS Cloud #CyberSecurity #SQLInjection #BerriAI #LiteLLM #CVE2026", "creation_timestamp": "2026-04-29T08:11:40.783610Z"}, {"uuid": "e66c7811-9d0f-463e-a163-e2b42fb030d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/39928", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure \u2013 thehackernews.com\n\nWed, 29 Apr 2026 13:34:00", "creation_timestamp": "2026-04-29T08:03:23.000000Z"}, {"uuid": "436752ba-8c15-4d4e-89a6-d78eb7854310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mklrdqebsj2a", "content": "", "creation_timestamp": "2026-04-28T23:45:28.719417Z"}, {"uuid": "9ad19f8d-59a0-4804-9d0c-f27aaae42716", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/10014", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure \u2013 thehackernews.com\n\nWed, 29 Apr 2026 13:34:00", "creation_timestamp": "2026-04-29T08:03:23.000000Z"}, {"uuid": "28c0a86f-b795-4cc6-bb83-b559fd45974b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "exploited", "source": "https://t.me/cKure/16362", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 \u2757\ufe0f LiteLLM CVE-2026-42208 exploited in ~36 hours.\n\nA pre-auth SQL injection exposed credential tables with LLM and cloud keys\u2014turning a simple flaw into account-level risk.\n\nNo PoC needed; advisory and schema were enough.\n\n\ud83d\udd17 Details \u2192 https://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html", "creation_timestamp": "2026-04-29T05:42:08.000000Z"}, {"uuid": "161a48e5-bcb1-466b-974f-3903c4adc663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "exploited", "source": "https://t.me/ctinow/249488", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure\nhttps://ift.tt/b24W38i", "creation_timestamp": "2026-04-29T05:59:43.000000Z"}, {"uuid": "932b9dee-ec89-483e-a3e8-9a082ad361fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/81967", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-42208_lab\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a imjdl\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-28 16:57:54\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-42208 lab\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-28T17:00:04.000000Z"}, {"uuid": "f1239a9b-0715-4a3f-b019-c343f6ab6f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mko26szjft24", "content": "CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure", "creation_timestamp": "2026-04-29T21:29:07.154902Z"}, {"uuid": "daf2cc48-0780-4018-98b2-99d2acb0d9fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mkm4wriaoa2c", "content": "", "creation_timestamp": "2026-04-29T03:12:59.059685Z"}, {"uuid": "08817454-9e18-4780-869c-f8d596d12c90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mkm7cjxjvl2w", "content": "", "creation_timestamp": "2026-04-29T03:55:21.083268Z"}, {"uuid": "700cefaf-97a2-410f-a1d9-39dc76f8f07f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsmrs2r", "content": "4/ \ud83d\udc89 LiteLLM SQL injection (CVE-2026-42208, CVSS 9.3) exploited within 36 hrs. Attackers stole API keys and cloud creds. If you run LiteLLM: patch to v1.83.7 NOW. (Sysdig)", "creation_timestamp": "2026-04-29T14:53:16.152724Z"}, {"uuid": "dd5441ae-455c-428e-a02f-74dfba710528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mknintlis32s", "content": "A critical SQL injection (CVE-2026-42208) in LiteLLM was exploited days after disclosure, exposing API keys and credentials. Patch 1.83.7 fixes the flaw by parameterizing key verification queries. #LiteLLM #SQLInjection #OpenSource", "creation_timestamp": "2026-04-29T16:15:23.050555Z"}, {"uuid": "d418644b-0a5d-4342-a33c-23bf59a9ee8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-litellm-pre-auth-sql-injection-cve-2026-42208-patch-immediately", "content": "", "creation_timestamp": "2026-04-29T08:21:58.000000Z"}, {"uuid": "7cd2b14c-93a4-481f-a5dc-0cf3f43dc51a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mknn2ijwh42p", "content": "Critical SQL injection vulnerability (CVE-2026-42208) in LiteLLM actively exploited! Immediate patching and credential rotation required. Stay secure! #CyberSecurity #SQLInjection #LiteLLM Link: thedailytechfeed.com/critical-sql...", "creation_timestamp": "2026-04-29T17:34:03.624367Z"}, {"uuid": "eba1f3ef-2f39-402b-96f3-d07ed2b45735", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsoqc2r", "content": "4/ \ud83d\udc89 LiteLLM SQL injection (CVE-2026-42208, CVSS 9.3) exploited within 36 hrs. Attackers stole API keys and cloud creds. If you run LiteLLM: patch to v1.83.7 NOW. (Sysdig)", "creation_timestamp": "2026-04-29T14:53:18.434102Z"}, {"uuid": "4c517146-5b70-4b11-babc-13af4f311a53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsqot2r", "content": "4/ \ud83d\udc89 LiteLLM SQL injection (CVE-2026-42208, CVSS 9.3) exploited within 36 hrs. Attackers stole API keys and cloud creds. If you run LiteLLM: patch to v1.83.7 NOW. (Sysdig)", "creation_timestamp": "2026-04-29T14:53:21.544123Z"}, {"uuid": "3a6f0b46-888f-4405-84b7-d753c1f386c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsa3k2r", "content": "4/ \ud83d\udc89 LiteLLM SQL injection (CVE-2026-42208, CVSS 9.3) exploited within 36 hrs. Attackers stole API keys and cloud creds. If you run LiteLLM: patch to v1.83.7 NOW. (Sysdig)", "creation_timestamp": "2026-04-29T14:53:15.053023Z"}, {"uuid": "89f16826-3124-412a-b87e-a583d50504b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsoqd2r", "content": "4/ \ud83d\udc89 LiteLLM SQL injection (CVE-2026-42208, CVSS 9.3) exploited within 36 hrs. Attackers stole API keys and cloud creds. If you run LiteLLM: patch to v1.83.7 NOW. (Sysdig)", "creation_timestamp": "2026-04-29T14:53:19.411292Z"}, {"uuid": "f41efd6d-3047-4fcf-97b2-4640bba939c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsqou2r", "content": "4/ \ud83d\udc89 LiteLLM SQL injection (CVE-2026-42208, CVSS 9.3) exploited within 36 hrs. Attackers stole API keys and cloud creds. If you run LiteLLM: patch to v1.83.7 NOW. (Sysdig)", "creation_timestamp": "2026-04-29T14:53:22.741339Z"}, {"uuid": "3323895b-2705-4a7b-85b3-4a623db5ddb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsnr22r", "content": "4/ \ud83d\udc89 LiteLLM SQL injection (CVE-2026-42208, CVSS 9.3) exploited within 36 hrs. Attackers stole API keys and cloud creds. If you run LiteLLM: patch to v1.83.7 NOW. (Sysdig)", "creation_timestamp": "2026-04-29T14:53:17.410229Z"}, {"uuid": "338d0570-65e7-4177-8ee0-2e3d6a7bfbc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsppl2r", "content": "4/ \ud83d\udc89 LiteLLM SQL injection (CVE-2026-42208, CVSS 9.3) exploited within 36 hrs. Attackers stole API keys and cloud creds. If you run LiteLLM: patch to v1.83.7 NOW. (Sysdig)", "creation_timestamp": "2026-04-29T14:53:20.510328Z"}, {"uuid": "5b0640c8-6542-46b2-b8d1-249d988c5b88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsro42r", "content": "4/ \ud83d\udc89 LiteLLM SQL injection (CVE-2026-42208, CVSS 9.3) exploited within 36 hrs. Attackers stole API keys and cloud creds. If you run LiteLLM: patch to v1.83.7 NOW. (Sysdig)", "creation_timestamp": "2026-04-29T14:53:23.826230Z"}, {"uuid": "1aefaa18-83b0-4b7e-81f1-46ed462f3403", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "Telegram/nhOEgwNUbC4JUIy2UmyvP-eeRQz2M8_kVk7x7C83gxvvi02Y", "content": "", "creation_timestamp": "2026-04-29T21:15:05.000000Z"}, {"uuid": "21cf96fd-0129-43a3-82c8-58f30c6591f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://t.me/ctinow/249527", "content": "CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure\nhttps://ift.tt/lAFbjVx", "creation_timestamp": "2026-04-29T21:09:03.000000Z"}, {"uuid": "7be0a57d-3b23-47ac-abd9-b6a5ac3e7f54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/sctocs.bsky.social/post/3mknz4xbfbk2t", "content": "A SQL injection flaw in LiteLLM (CVE-2026-42208) is being actively exploited within 36 hours of disclosure.\n\nThe vulnerability allows attackers to access backend databases, exposing sensitive data and potentially compromising AI-driven systems.\n\nsctocs.com/litellm-cve-...", "creation_timestamp": "2026-04-29T21:10:16.194935Z"}, {"uuid": "19c69214-e3ec-4a58-9e82-e48fe4a38771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "Telegram/eS6PVxYAnM0JrA3WVLf_Ud-acXUZbhqPWuOh5cENwecmTOw", "content": "", "creation_timestamp": "2026-04-28T21:00:04.000000Z"}, {"uuid": "a2be882c-40dd-4ddd-bd25-a381f2caa941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "Telegram/xKGSa9DIZz92ec3NOe9-ltnh782Q7CqXV4Vbusfx7aEeqhw", "content": "", "creation_timestamp": "2026-04-28T19:00:11.000000Z"}, {"uuid": "de307432-4f30-4bcf-8709-fd52c6bbaed3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mknwtby34q25", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-04-29T20:28:59.064372Z"}, {"uuid": "fe5305e8-9d78-43c1-bb6f-df4c0cd0b986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/PostgreSQL.activitypub.awakari.com.ap.brid.gy/post/3mknxdxc4kqy2", "content": "\ud83d\udea9Critical Pre-Auth SQL Injection in LiteLLM Exposes AI Gateway Credentials Within 36 Hours of Disclosure Critical LiteLLM flaw (CVE-2026-42208) enables pre-auth SQLi to steal API keys. Exploited...\n\n#TIGR #cybercriminal #vulnerability\n\nOrigin | Interest | Match", "creation_timestamp": "2026-04-29T20:38:23.973122Z"}, {"uuid": "dab8c025-b58d-4a86-8cc2-996b85b690c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/intel.overresearched.net/post/3mknxkyrjvk2m", "content": "LiteLLM CVE-2026-42208 SQLi actively exploited \u2014 patch 1.83.7. ProFTPD CVE-2026-42167 PoC leaked. TeamPCP/VECT 2.0 acts as wiper &gt;128KB. GachiLoader uses AI-skill lures.\n\nFull brief: intel.overresearched.net/2026/04/29/c...\n\n#Daily #ThreatIntel #InfoSec", "creation_timestamp": "2026-04-29T20:42:15.588601Z"}, {"uuid": "ca15b137-275c-490d-9d20-8f029835143e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/reconbee.bsky.social/post/3mkox5jjzkk2y", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure reconbee.com/litellm-cve-...\n\n#LiteLLM #LLM #sqlinjection #SQL #cybersecurity #cyberattack", "creation_timestamp": "2026-04-30T06:07:26.116309Z"}, {"uuid": "daac9dbe-c0f1-4735-a9f7-fb9c57422d2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mko44yaqps2g", "content": "Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw\n\nHackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability \u00a0tracked as CVE-2026-42208. [...]\n#hackernews #llm #news", "creation_timestamp": "2026-04-29T22:03:52.878533Z"}, {"uuid": "7b32e595-c741-4520-b190-290f4220c782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://t.me/thehackernews/8895", "content": "\ud83d\uded1 LiteLLM CVE-2026-42208 exploited in ~36 hours.\n\nA pre-auth SQL injection exposed credential tables with LLM and cloud keys\u2014turning a simple flaw into account-level risk.\n\nNo PoC needed; advisory and schema were enough.\n\n\ud83d\udd17 Read details \u2192 https://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html", "creation_timestamp": "2026-04-29T07:25:29.000000Z"}, {"uuid": "0af5ba4b-2264-48c6-baae-95bece16b28d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/kdm.ac/post/3mkoazvgo3c2c", "content": "LiteLLM \u306e\u91cd\u5927\u5ea6 Critical \u306e SQL \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u3092\u53ef\u80fd\u3068\u3059\u308b\u8106\u5f31\u6027 (CVE-2026-42208) \u306e\u60aa\u7528\u4e8b\u4f8b\u304c\u3042\u3063\u305f\u3068\u306e\u3053\u3068\u3067\u3059\u3002\n\u4e0d\u5177\u5408\u306e\u767a\u8868\u304b\u3089 36 \u6642\u9593\u306e\u51fa\u6765\u4e8b\nthehackernews.com/2026/04/lite...", "creation_timestamp": "2026-04-29T23:31:44.601478Z"}, {"uuid": "623a5a64-2bac-47f2-8a2c-bc902c3a0853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mkobxurkdk2g", "content": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure\n\nIn yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitatio\u2026\n#hackernews #llm #news", "creation_timestamp": "2026-04-29T23:48:23.625425Z"}, {"uuid": "f26c8738-f528-4881-91f9-3595bfdea218", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/ransomnews.online/post/3mkphlxxytx2p", "content": "\ud83d\udea8 LiteLLM was hit 36 hours after disclosure\n\nCVE-2026-42208 is a pre-auth SQLi in #LiteLLM\u2019s proxy key verification flow, and #Sysdig saw attacks 36 hours after advisory indexing targeting API keys, provider credentials and env config.\n\n\ud83d\udd17 read more: www.securityweek.com/fresh-litell...\n\n#ransomNews", "creation_timestamp": "2026-04-30T11:01:46.650129Z"}, {"uuid": "246af399-cb3e-4be5-ad39-274d2a3c0208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mkqhpjd6ic2g", "content": "CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure\n\nAttackers quickly exploited a critical LiteLLM flaw (CVE-2026-42208) to access and modify sensitive database data via SQL injection. Attackers rapidly exploited a critical vulnerability in LiteLLM\u00a0Python pac\u2026\n#hackernews #llm #news", "creation_timestamp": "2026-04-30T20:36:25.396863Z"}, {"uuid": "326908d6-228f-4f67-9ed3-92044253b5bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mkr4ajgl2kvh", "content": "CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure https://securityaffairs.com/191483/hacking/cve-2026-42208-litellm-bug-exploited-36-hours-after-its-disclosure.html", "creation_timestamp": "2026-05-01T02:44:14.799425Z"}, {"uuid": "a154b9b4-cf60-471f-bf2d-42d427c92864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mkoeyiw6wg2d", "content": "CVE-2026-42208\uff1aLiteLLM\u306e\u30d0\u30b0\u304c\u3001\u516c\u958b\u304b\u308936\u6642\u9593\u5f8c\u306b\u60aa\u7528\u3055\u308c\u308b \n\nCVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure  #SecurityAffairs (Apr 29)\n\nsecurityaffairs.com/191483/hacki...", "creation_timestamp": "2026-04-30T00:42:26.725706Z"}, {"uuid": "52f73e34-951c-4a93-b90b-57f3788068e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mkokzbugzf2x", "content": "Top 3 CVE for last 7 days:\nCVE-2026-31431: 53 interactions\nCVE-2026-3854: 48 interactions\nCVE-2026-42208: 22 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-31431: 53 interactions\nCVE-2026-3854: 31 interactions\nCVE-2026-5545: 17 interactions\n", "creation_timestamp": "2026-04-30T02:30:14.521566Z"}, {"uuid": "ef26bacd-5247-4d8b-9a8e-faae66d330da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://infosec.exchange/users/Sempf/statuses/116491594726746257", "content": "This is the issue with AI in criminal hands. Speed to market.\nhttps://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html?m=1", "creation_timestamp": "2026-04-30T03:44:32.065811Z"}, {"uuid": "33be73d7-f57e-4347-a7b7-bcb2f3d0a845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://bsky.app/profile/Sempf.infosec.exchange.ap.brid.gy/post/3mkop6eilvc62", "content": "This is the issue with AI in criminal hands. Speed to market.\n\nhttps://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html?m=1", "creation_timestamp": "2026-04-30T03:44:44.560735Z"}, {"uuid": "232595ee-ced4-4e63-a6c9-345cee9ba83a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/allaboutsecurity.bsky.social/post/3mkovhifykk2s", "content": "LiteLLM-Sicherheitsl\u00fccke CVE-2026-42208: SQL-Injection binnen 36 Stunden nach Ver\u00f6ffentlichung aktiv ausgenutzt\nwww.all-about-security.de/litellm-sich...\n#cve #llm #cybersecurity #itsecurity #itsicherheit", "creation_timestamp": "2026-04-30T05:37:11.383339Z"}, {"uuid": "e4ea4dd5-f046-4038-a77a-62d26d62f87a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "Telegram/8YJ0uhvE9XZdvY1FFQairBuNj9zx70z1E2rfVIYJ4UV7DQ", "content": "", "creation_timestamp": "2026-04-29T06:57:50.000000Z"}, {"uuid": "a67f0e62-1ee1-4e59-8b77-c73493d8b1c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "Telegram/T6MjwEy1GXd0xTLgBckUymGQqfeNIMlbkOpXvJPPSDtMl2M", "content": "", "creation_timestamp": "2026-05-03T15:00:06.000000Z"}, {"uuid": "b81f725e-0517-47de-8bbc-56b73f5102ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://t.me/cibsecurity/89235", "content": "\ud83d\udd8b\ufe0f LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure \ud83d\udd8b\ufe0f\n\nIn yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge. The vulnerability, tracked as CVE202642208 CVSS score 9.3, is an SQL injection that could be exploited to modify the underlying.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-04-30T05:50:23.000000Z"}, {"uuid": "497896d7-982f-475d-b49f-27e24cd940bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3ml7njneehr2p", "content": "\ud83d\udce2 CVE-2026-42208 : Injection SQL pr\u00e9-authentification critique dans LiteLLM Proxy\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nBishop Fox a publi\u00e9 le 6 mai 2026 une analyse techni\u2026\nhttps://cyberveille.ch/posts/2026-05-06-cve-2026-42208-injection-sql-pre-authentification-critique-dans-litellm-proxy/ #CVE_2026_42208 #Cyberveille", "creation_timestamp": "2026-05-06T21:30:31.110443Z"}, {"uuid": "0767ec96-d58d-4a88-a18c-5c7680160a20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://bsky.app/profile/mel-echosphere.bsky.social/post/3ml6mg3xgad2i", "content": "LiteLLM\u3001CVE-2026-42208\u3002pre-auth SQL injection\u3001CVSS 9.3\u3001\u958b\u793a36\u6642\u9593\u5f8c\u306b\u5b9f\u88ab\u5bb3\u78ba\u8a8d\u3002\ud83d\udd4a\ufe0f\n\nhttps://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html\n\n\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u304c\u843d\u3061\u308b\u3068\u5168\u30b5\u30fc\u30d3\u30b9\u304c\u9053\u9023\u308c\u306b\u306a\u308b\u3002\n\nOpenAI / Anthropic \u307b\u304b\u5168 provider \u306e API \u30ad\u30fc\u3001\u30d7\u30ed\u30f3\u30d7\u30c8\u3001\u30ec\u30b9\u30dd\u30f3\u30b9\u304c\u5168\u90e8\u3053\u3053\u3092\u901a\u3063\u3066\u308b\u3002\u8a8d\u8a3c\u306a\u3057\u3067 2 \u30ea\u30af\u30a8\u30b9\u30c8\u3001\u5168\u90e8\u5f15\u3063\u3053\u629c\u3051\u308b\u3002\u26a0\ufe0f\n\n#LLMSecurity", "creation_timestamp": "2026-05-06T11:37:54.500950Z"}, {"uuid": "88926aaf-097d-4c74-bff8-19d3805e4a90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/releaseport.com/post/3ml75yyehgo2s", "content": "opik 2.0.22 patches CVE-2026-42208\nExclude vulnerable litellm versions 1.81\u20131.83.6 (CVE-2026-42208).\nUpgrade carefully.\n\n\u2192 releaseport.com/r/comet-ml-opik/2-0-22", "creation_timestamp": "2026-05-06T16:52:41.813578Z"}, {"uuid": "ec944f36-81d1-4b4c-aa33-9a3f62679853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/bishopfox.bsky.social/post/3ml7c2cqe322b", "content": "Bishop Fox researchers reproduced CVE-2026-42208, a critical pre-authentication SQL injection in LiteLLM\u2019s proxy.\n\nExploitation was observed in the wild roughly 36 hours after disclosure.\n\nIf you\u2019re running LiteLLM, upgrade to 1.83.7+.", "creation_timestamp": "2026-05-06T18:05:06.399631Z"}, {"uuid": "5afaaf9a-59be-4192-ba56-fa7a9bb070f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/bishopfox.bsky.social/post/3ml7c2fhn222b", "content": "Bishop Fox researchers reproduced CVE-2026-42208, a critical pre-authentication SQL injection in LiteLLM\u2019s proxy.\n\nExploitation was observed in the wild roughly 36 hours after disclosure.\n\nIf you\u2019re running LiteLLM, upgrade to 1.83.7+.", "creation_timestamp": "2026-05-06T18:05:06.945636Z"}, {"uuid": "ba7ef1ef-a951-4060-a2f6-a620f461c4a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlcvhnjwmv2m", "content": "BerriAI LiteLLM (v1.81.16 \u2013 1.83.6) has a CRITICAL SQL injection flaw. Unauthenticated attackers can access &amp; alter DB. Upgrade to v1.83.7 ASAP! https://radar.offseq.com/threat/cve-2026-42208-cwe-89-improper-neutralization-of-s-1213f296 #OffSeq #Security #SQLInjection", "creation_timestamp": "2026-05-08T04:30:28.959810Z"}, {"uuid": "3f829627-57c0-49a8-8ad0-a88267462760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42208", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116537073735710293", "content": "\ud83d\udea8 CRITICAL: CVE-2026-42208 in BerriAI LiteLLM (v1.81.16 \u2013 1.83.6) enables unauthenticated SQL injection via API key processing. Patch to v1.83.7 immediately to protect credentials and data. Details: https://radar.offseq.com/threat/cve-2026-42208-cwe-89-improper-neutralization-of-s-1213f296 #OffSeq #SQLInjection #Vuln #Security", "creation_timestamp": "2026-05-08T04:30:33.414946Z"}, {"uuid": "a4501972-54cf-4a2f-8349-f03304a9becd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42208", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcvmpkk3f2e", "content": "CVE-2026-42208 - LiteLLM: SQL injection in Proxy API key verification\nCVE ID : CVE-2026-42208\n \n Published : May 8, 2026, 3:38 a.m. | 47\u00a0minutes ago\n \n Description : LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.81.16 to b...", "creation_timestamp": "2026-05-08T04:33:18.218745Z"}]}