🚨 CRITICAL ALERT: Active Zero-Day Exploits

Two critical vulnerabilities with CVSS scores above 8.0 and CISA KEV inclusion require immediate action. One affects LiteLLM and can enable arbitrary command execution on the proxy host; the other affects remote access VPN certificate validation and can allow an unauthenticated attacker to bypass authentication and establish a VPN session without a valid password. Both issues are listed in the CISA Known Exploited Vulnerabilities catalog, indicating active exploitation risk and urgent remediation priority.

Critical Vulnerabilities (CVSS >= 8.0)

  • CVE-2026-42271 (CVSS: 8.8): LiteLLM MCP test endpoints POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list accepted full server configuration data, including command, args, and env fields for stdio transport. When invoked with a stdio configuration, the proxy spawned the supplied command as a subprocess on the host with the privileges of the LiteLLM process, enabling arbitrary command execution by any authenticated user with a valid proxy API key. Patched in LiteLLM 1.83.7; CISA KEV listed on 2026-06-08. View NVD | CISA KEV
  • CVE-2026-50751 (CVSS: 9.3): A logic-flow weakness in Remote Access and Mobile Access certificate validation for deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password. CISA KEV listed on 2026-06-08. View NVD | CISA KEV

⚡ Immediate Actions Required

Patch immediately to the vendor-fixed versions or apply the latest security updates for the affected products. For LiteLLM, upgrade to 1.83.7 or later without delay. For VPN appliances or gateways impacted by CVE-2026-50751, disable deprecated IKEv1 where possible, apply the vendor remediation, and verify that remote access authentication is enforced correctly.

Reduce exposure now by restricting administrative and API access to trusted networks only, blocking or limiting access to the affected LiteLLM endpoints, and auditing for suspicious authentication attempts, unexpected subprocess launches, or anomalous VPN logins. Treat any exposed instance as a high-priority incident response target until remediated.
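The following is an added example for defenders, not code from LiteLLM or from its fix. It covers two points of this alert: the input check a proxy front-end should enforce on the MCP test endpoints (reject stdio transport and any command, args or env supplied by the caller), and the audit step of finding past requests that carried such configuration. The access-log format (one JSON object per line with method, path, api_key_id and parsed body) is an assumption for the example; adapt the loader to whatever your proxy or reverse proxy actually writes. The sample log lines and version strings are constructed.

```python
import json
from typing import Iterable

# Endpoints named in the advisory for CVE-2026-42271.
AFFECTED_ENDPOINTS = {"/mcp-rest/test/connection", "/mcp-rest/test/tools/list"}
# First fixed LiteLLM release per the advisory.
FIXED_VERSION = (1, 83, 7)
# Fields that should never be accepted from a caller on a test endpoint.
FORBIDDEN_FIELDS = ("command", "args", "env")


def parse_version(version: str) -> tuple:
    """Turn '1.83.7', 'v1.84.0rc1' etc. into a comparable (major, minor, patch) tuple.
    Non-numeric suffixes are ignored; missing components count as 0."""
    parts = []
    for piece in version.strip().lstrip("v").split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_patched(version: str) -> bool:
    """True when the installed LiteLLM version is at or above the fixed release."""
    return parse_version(version) >= FIXED_VERSION


def validate_mcp_test_config(body: dict) -> list:
    """Return the reasons a submitted MCP server config must be rejected.
    An empty list means the config carries nothing that can launch a process."""
    problems = []
    if str(body.get("transport", "")).lower() == "stdio":
        problems.append("stdio transport is not allowed on test endpoints")
    for field in FORBIDDEN_FIELDS:
        if field in body:
            problems.append(f"caller-supplied '{field}' is not accepted")
    return problems


def find_suspicious_requests(log_lines: Iterable[str]) -> list:
    """Scan JSON access-log lines (assumed format) for POSTs to the affected
    endpoints whose body would have been rejected by validate_mcp_test_config."""
    hits = []
    for line in log_lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # not a JSON record; skip rather than crash the audit
        if rec.get("method") != "POST" or rec.get("path") not in AFFECTED_ENDPOINTS:
            continue
        reasons = validate_mcp_test_config(rec.get("body") or {})
        if reasons:
            hits.append({
                "path": rec["path"],
                "api_key_id": rec.get("api_key_id"),
                "reasons": reasons,
            })
    return hits


# Constructed sample log: one benign HTTP-transport test, one stdio config with a
# command and args, one unrelated request, one SSE config smuggling an env block,
# and one malformed line.
SAMPLE_LOG = [
    '{"method": "POST", "path": "/mcp-rest/test/connection", "api_key_id": "key-01", '
    '"body": {"transport": "http", "url": "https://mcp.example.internal/"}}',
    '{"method": "POST", "path": "/mcp-rest/test/connection", "api_key_id": "key-02", '
    '"body": {"transport": "stdio", "command": "/opt/example/mcp-server", "args": ["--stdio"]}}',
    '{"method": "GET", "path": "/health", "api_key_id": null, "body": null}',
    '{"method": "POST", "path": "/mcp-rest/test/tools/list", "api_key_id": "key-03", '
    '"body": {"transport": "sse", "url": "https://mcp.example.internal/sse", "env": {"TOKEN": "x"}}}',
    'this line is not json',
]

if __name__ == "__main__":
    for ver in ("1.83.6", "1.83.7"):
        print(ver, "patched" if is_patched(ver) else "VULNERABLE")
    for hit in find_suspicious_requests(SAMPLE_LOG):
        print(hit)
```

Running it flags the stdio request from key-02 (three reasons: stdio transport, command, args) and the SSE request from key-03 (caller-supplied env), while the benign HTTP test and the unrelated GET pass. Each flagged api_key_id is a starting point for the incident review the alert calls for: confirm whether the key holder is legitimate and check the proxy host for a subprocess launched at that time.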