Forensic Summary
A critical SQL injection vulnerability (CVE-2026-42208, CVSS 9.3) in BerriAI's LiteLLM AI gateway was actively exploited within 36 hours of public disclosure, targeting database tables storing upstream LLM provider API keys including OpenAI, Anthropic, and AWS Bedrock credentials. Attackers demonstrated prior knowledge of LiteLLM's internal schema, selectively probing credential and configuration tables while ignoring user and team tables. The blast radius extends far beyond a typical web-app SQL injection, as successful extraction equates to cloud-account-level compromise across multiple AI provider accounts.
Read the full technical deep-dive on Grid the Grey: https://gridthegrey.com/posts/sql-injection-in-litellm-proxy-exposes-llm-provider-keys-within-36-hours/
Top comments (0)