
Critical SQL Injection Vulnerability in BerriAI's LiteLLM Python Package Exploited Within 36 Hours
Cybersecurity, Vulnerabilities, SQL Injection, Threat Actors
A critical SQL injection vulnerability in BerriAI's LiteLLM Python package, tracked as CVE-2026-42208 with a CVSS score of 9.3, was actively exploited in the wild within 36 hours of public disclosure. The flaw allows threat actors to modify the underlying system through SQL injection. No specific attack vectors, affected versions, or impacted organizations were detailed beyond the rapid exploitation timeline. The vulnerability was disclosed via The Hacker News; the rapid exploitation highlights the speed at which adversaries target newly revealed security issues.