FixVibe

A critical SQL injection vulnerability (CVE-2026-42208) in LiteLLM's proxy component allows attackers to bypass authentication or access sensitive database information by exploiting the API key verification process.

CVE-2026-42208 | GHSA-r75f-5x8p-qvmc | CWE-89

Impact

LiteLLM versions 1.81.16 through 1.83.7 contain a critical SQL injection vulnerability within the proxy's API key verification mechanism [S1]. Successful exploitation allows an unauthenticated attacker to bypass security controls or perform unauthorized database operations [S1]. This vulnerability is assigned a CVSS score of 9.8, reflecting its high impact on system confidentiality and integrity [S2].

Root Cause

The vulnerability exists because the LiteLLM proxy fails to properly sanitize or parameterize the API key provided in the Authorization header before using it in a database query [S1]. This allows malicious SQL commands embedded in the header to be executed by the backend database [S3].

Affected Versions

  • LiteLLM: Versions 1.81.16 up to (but not including) 1.83.7 [S1].

Concrete Fixes

  • Update LiteLLM: Immediately upgrade the litellm package to version 1.83.7 or later to patch the injection flaw [S1].
  • Audit Database Logs: Review database access logs for unusual query patterns or unexpected syntax originating from the proxy service [S1].

Detection Logic

Security teams can identify exposure by:

  • Version Scanning: Checking environment manifests for LiteLLM versions within the affected range (1.81.16 to 1.83.6) [S1].
  • Header Monitoring: Inspecting incoming requests to the LiteLLM proxy for SQL injection patterns specifically within the Authorization: Bearer token field [S1].
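The two detection checks above, as an added Python example that is not FixVibe's or LiteLLM's own code: a numeric version-range test against the advisory's bounds, and an allow-list check on the bearer token in constructed proxy access-log lines. The key alphabet (`sk-` plus URL-safe characters, with `.` permitted for JWTs) and the tab-separated log format are assumptions to adapt to your deployment.

```python
import re
from typing import List, Optional, Tuple

# Affected range from the advisory: 1.81.16 <= version < 1.83.7.
AFFECTED_MIN, FIXED_IN = (1, 81, 16), (1, 83, 7)


def parse_version(spec: str) -> Tuple[int, ...]:
    """Extract x.y.z from 'litellm==1.82.3' or '1.82.3' as an int tuple.
    Comparing ints matters: as strings, '1.9.0' sorts above '1.83.7'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", spec)
    if not m:
        raise ValueError(f"no x.y.z version found in {spec!r}")
    return tuple(int(p) for p in m.groups())


def is_affected(spec: str) -> bool:
    """True if the pinned LiteLLM version falls inside the vulnerable range."""
    return AFFECTED_MIN <= parse_version(spec) < FIXED_IN


# Assumed key alphabet: 'sk-' virtual keys use URL-safe characters; '.' is
# allowed so JWT bearer tokens are not flagged. Adjust to your deployment.
KEY_ALPHABET = re.compile(r"^[A-Za-z0-9._\-]+$")


def flag_header(auth_header: str) -> Optional[str]:
    """Return why an Authorization header looks suspicious, or None if clean."""
    scheme, _, token = auth_header.strip().partition(" ")
    if scheme.lower() != "bearer" or not token:
        return "not a Bearer token"
    if not KEY_ALPHABET.match(token):
        return "token contains characters outside the expected key alphabet"
    return None


def scan_log(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Tab-separated lines (ts, method, path, authorization) -> (ts, path, reason) hits."""
    hits = []
    for line in lines:
        fields = line.rstrip("\n").split("\t")
        if len(fields) != 4:
            continue  # malformed line: skip rather than guess
        reason = flag_header(fields[3])
        if reason:
            hits.append((fields[0], fields[2], reason))
    return hits


# Constructed sample access log (not real traffic).
SAMPLE_LOG = [
    "2026-04-01T10:00:00Z\tPOST\t/chat/completions\tBearer sk-abc123_XYZ-789",
    "2026-04-01T10:00:01Z\tPOST\t/chat/completions\tBearer sk-' OR '1'='1",
    "2026-04-01T10:00:02Z\tGET\t/models\tBasic dXNlcjpwYXNz",
]
```

Feed `scan_log` the proxy's access log and `is_affected` the pin from your requirements or lockfile; a hit on a key that later authenticated successfully is the case to escalate.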