LiteLLM CVE Chain: A Default User Account Becomes Full Server Access
CISA confirmed active exploitation of CVE-2026-42271 in LiteLLM, an open-source AI gateway, and set a June 22 federal remediation deadline. Obsidian Security disclosed a three-vulnerability chain allo…