The LiteLLM proxy contains an SQL injection vulnerability in its API key verification process, identified as CVE-2026-42208 with a CVSS score of 9.3. The flaw occurs because the database query includes caller-supplied values directly rather than as separate parameters, allowing unauthenticated attackers to send crafted Authorization headers to any LLM API route. Exploitation enables attackers to read and potentially modify database tables containing sensitive information such as API keys, provider credentials, and environment configurations. Attacks were observed soon after disclosure, targeting specific database tables with automated tools. The vulnerability is fixed in LiteLLM version 1.83.7 by ensuring proper parameterization of database queries.

Exploitation of this vulnerability allows unauthenticated attackers to access and potentially modify sensitive data stored in the LiteLLM proxy's database, including API keys and credentials. This could lead to credential leakage and unauthorized access if exploited. Although attacks were observed shortly after disclosure, no confirmed misuse of extracted credentials has been reported. The vulnerability has a high severity rating (CVSS 9.3), indicating significant risk if left unpatched.

LiteLLM version 1.83.7 provides an official fix by properly parameterizing database queries to prevent SQL injection. Users should update to this patched version as soon as possible. Alternatively, disabling error logs can mitigate the exploitation path temporarily. Since this is not a cloud service, remediation depends on user action. Patch status is confirmed by the vendor advisory. No additional mitigation steps are indicated by the vendor.