CISA Adds Exploited LiteLLM and Check Point Flaws to KEV Catalog

HIGH
June 9, 2026
Vulnerability, Policy and Compliance

Related Entities

Products & Tech: LiteLLM, Check Point Security Gateway

CVE Identifiers

CVE-2026-42271: HIGH (CVSS 8.7)
CVE-2026-50751: CRITICAL (CVSS 9.3)

Full Report

Executive Summary

On June 8, 2026, the U.S. CISA updated its Known Exploited Vulnerabilities (KEV) Catalog to include two new high-impact vulnerabilities that are being actively exploited by threat actors. The additions are CVE-2026-42271, a command injection flaw in BerriAI's LiteLLM tool, and CVE-2026-50751, a critical authentication bypass in Check Point Security Gateways. The inclusion in the KEV catalog signifies a grave and imminent risk to federal networks. Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies are mandated to remediate these vulnerabilities by the specified deadlines. CISA strongly advises all organizations to prioritize patching these flaws to reduce their attack surface.


Threat Overview

The two vulnerabilities added to the KEV catalog represent significant and distinct threats to modern IT environments.

CVE-2026-42271: LiteLLM Command Injection

This high-severity vulnerability (CVSS 8.7) affects LiteLLM, a popular open-source library that provides a unified interface for interacting with over 100 Large Language Model (LLM) APIs. The flaw is a command injection vulnerability that allows an authenticated user to execute arbitrary commands on the server hosting the LiteLLM instance. Given that LiteLLM instances often store API keys and credentials for various AI services, a compromise could be devastating. Attackers can steal these credentials, pivot to downstream AI and cloud infrastructure, and potentially compromise sensitive data processed by the LLMs.

CVE-2026-50751: Check Point VPN Authentication Bypass

This critical vulnerability (CVSS 9.3) affects Check Point's VPN gateways that are configured with the deprecated IKEv1 protocol. As detailed in other advisories, it allows an unauthenticated remote attacker to bypass authentication and gain access to an organization's internal network. This provides a direct path for threat actors, including ransomware groups, to establish a foothold and launch further attacks.

Impact Assessment

Inclusion in the KEV catalog means these are not theoretical risks; they are proven, active threats.

  • For CVE-2026-42271, organizations using LiteLLM are at risk of complete compromise of their AI infrastructure. Attackers could steal proprietary data, manipulate LLM outputs, or run up massive bills on cloud AI services. This represents a significant supply chain risk for the burgeoning AI ecosystem.

  • For CVE-2026-50751, the impact is immediate and severe: unauthorized network access. This can lead to widespread ransomware deployment, major data breaches, and prolonged business disruption.

By adding these to the KEV catalog, CISA is sending a clear signal that these vulnerabilities are being used to compromise organizations now. The directive for federal agencies to patch underscores the severity, but the warning applies to all sectors.

IOCs — Directly from Articles

No specific Indicators of Compromise (IPs, domains, hashes) were provided in the source articles.

Cyber Observables — Hunting Hints

Security teams should hunt for signs of compromise related to these vulnerabilities:

Type: Log Source
Value: LiteLLM Proxy Logs
Description: Monitor for unusual API requests or error messages that could indicate command injection attempts.

Type: Process Name
Value: litellm
Description: Look for the LiteLLM process spawning unexpected child processes like sh, bash, or powershell.exe on the host server.

Type: Network Traffic
Value: IKEv1 Traffic
Description: Identify any systems still using the deprecated IKEv1 protocol for VPNs. This traffic should be considered high-risk.

Type: Log Source
Value: Check Point VPN Logs
Description: Scrutinize logs for successful authentications from unusual geolocations or IP addresses, especially those not associated with a known user or device.

Detection & Response

  1. Prioritize KEV Catalog: Integrate the CISA KEV catalog feed into your vulnerability management program. Vulnerabilities appearing on this list should be escalated to the highest priority for remediation, regardless of where their CVSS score alone would rank them.
  2. Vulnerability Scanning: Ensure your vulnerability scanning tools have updated plugins to detect both CVE-2026-42271 in your software bill of materials (SBOM) and CVE-2026-50751 in your network infrastructure.
  3. AI Infrastructure Monitoring: For LiteLLM, implement runtime application security monitoring. Use D3-PA: Process Analysis to detect when the application attempts to execute system commands or spawn shell processes, which would be highly indicative of exploitation.
  4. Network Access Control: For the Check Point flaw, use D3-NTA: Network Traffic Analysis to baseline and alert on anomalous VPN connection patterns.
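
The process-analysis hunt from step 3 and the "Process Name" hunting hint, as an added example that is not part of the original article or of any vendor tooling. It assumes process-creation telemetry exported as one JSON object per line with the hypothetical fields host, parent_image, parent_cmd, image and cmd; the events are constructed, and the shell list extends the three shells the article names.

```python
import json
import re

# Shells named in the hunting hint (sh, bash, powershell.exe) plus common
# siblings added here as an assumption.
SHELLS = {"sh", "bash", "dash", "zsh", "powershell.exe", "pwsh", "cmd.exe"}
LITELLM_NAMES = {"litellm", "litellm.exe"}

# Constructed process-creation events, one JSON object per line; not real telemetry.
SAMPLE_EVENTS = [
    r'{"host":"ai-gw-01","parent_image":"/usr/local/bin/litellm","parent_cmd":"litellm --config /app/config.yaml","image":"/usr/bin/python3","cmd":"python3 -c pass"}',
    r'{"host":"ai-gw-01","parent_image":"/usr/local/bin/litellm","parent_cmd":"litellm --config /app/config.yaml","image":"/bin/sh","cmd":"sh -c uname -a"}',
    r'{"host":"bastion","parent_image":"/usr/sbin/sshd","parent_cmd":"sshd: ops@pts/0","image":"/bin/bash","cmd":"-bash"}',
    r'{"host":"ai-gw-02","parent_image":"C:\\Python311\\python.exe","parent_cmd":"python.exe -m litellm --port 4000","image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","cmd":"powershell.exe -NoProfile"}',
    r'{"host":"ai-gw-02","parent_image":"C:\\Pyth',  # truncated line, must not abort the hunt
]

def basename(path):
    """Last path component of a POSIX or Windows path, lowercased."""
    return re.split(r"[\\/]", path.strip())[-1].lower()

def is_litellm_parent(event):
    """True when the parent is the litellm CLI or an interpreter running it."""
    if basename(event.get("parent_image", "")) in LITELLM_NAMES:
        return True
    # Covers launches such as `python -m litellm` or a server given a litellm.* module.
    tokens = event.get("parent_cmd", "").split()
    return any(basename(t) in LITELLM_NAMES or t.lower().startswith("litellm.") for t in tokens)

def find_shell_spawns(lines):
    """Return one alert per event where a LiteLLM process created a shell."""
    alerts = []
    for number, line in enumerate(lines, 1):
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if basename(event.get("image", "")) in SHELLS and is_litellm_parent(event):
            alerts.append({"line": number, "host": event.get("host"),
                           "child": basename(event["image"]), "cmd": event.get("cmd")})
    return alerts

if __name__ == "__main__":
    for alert in find_shell_spawns(SAMPLE_EVENTS):
        print(alert)
```

Matching on the parent command line as well as the image name matters because LiteLLM is frequently started through a Python interpreter, in which case the parent image is python rather than litellm.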

Mitigation

Remediation must be swift and decisive.

  1. Patch Immediately: The primary mitigation for both vulnerabilities is to apply the security patches provided by the respective vendors (BerriAI for LiteLLM, Check Point for the Security Gateway).
  2. Follow BOD 22-01: FCEB agencies are required to patch by the CISA-mandated deadlines. All other organizations should adopt these deadlines as a best practice for their own remediation timelines.
  3. Compensating Controls for LiteLLM: If patching is delayed, restrict network access to the LiteLLM instance to only trusted hosts. Run the application in a container with minimal privileges and no access to the underlying host's shell.
  4. Decommission IKEv1: For the Check Point vulnerability, the strategic mitigation is to completely decommission the IKEv1 protocol and migrate all VPN services to IKEv2, as recommended by Check Point. This falls under D3-ACH: Application Configuration Hardening.

Timeline of Events

  1. June 8, 2026: CISA adds CVE-2026-42271 and CVE-2026-50751 to the KEV Catalog.
  2. June 9, 2026: This article was published.

MITRE ATT&CK Mitigations

Applying vendor-supplied patches is the most direct way to remediate known vulnerabilities.

Audit (M1047, enterprise)

Regularly auditing systems and configurations for vulnerabilities and misconfigurations is crucial for proactive defense.

Properly configuring software, such as disabling deprecated protocols like IKEv1, can mitigate vulnerabilities even before a patch is applied.

D3FEND Defensive Countermeasures

Organizations must treat any vulnerability listed in the CISA KEV catalog as a top-tier priority. For both CVE-2026-42271 in LiteLLM and CVE-2026-50751 in Check Point, the immediate action is to deploy the vendor-provided patches. Vulnerability management teams should leverage the KEV feed to automatically escalate these issues, bypassing standard risk-based prioritization models that might otherwise underestimate their urgency. A 'patch-by-deadline' policy, mirroring the one CISA imposes on federal agencies, should be adopted by all mature security organizations to minimize the window of exposure to these proven threats.
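
One way to implement the KEV-driven escalation described here and in the Detection & Response list, as an added example that is not part of the original article. The feed excerpt uses the field names of CISA's KEV JSON feed; the two CVE IDs and the June 8, 2026 dateAdded come from the article, while the dueDate values, asset names and the non-KEV CVE are constructed placeholders.

```python
from datetime import date

# Constructed excerpt shaped like the KEV JSON feed (what json.load returns for
# the downloaded file). dueDate values are placeholders, not CISA's deadlines.
KEV_FEED = {"vulnerabilities": [
    {"cveID": "CVE-2026-42271", "vendorProject": "BerriAI", "product": "LiteLLM",
     "dateAdded": "2026-06-08", "dueDate": "2026-06-29"},
    {"cveID": "CVE-2026-50751", "vendorProject": "Check Point", "product": "Security Gateway",
     "dateAdded": "2026-06-08", "dueDate": "2026-06-29"},
]}

# Constructed scanner/SBOM findings; asset names are hypothetical and
# CVE-0000-00001 is a placeholder standing in for a high-CVSS flaw not in KEV.
FINDINGS = [
    {"asset": "build-runner-7", "cve": "CVE-0000-00001", "cvss": 9.8},
    {"asset": "llm-proxy-01", "cve": "CVE-2026-42271", "cvss": 8.7},
    {"asset": "vpn-gw-edge", "cve": "CVE-2026-50751", "cvss": 9.3},
]

def prioritize(findings, kev_feed, today):
    """Rank findings: KEV entries first by due date, then the rest by CVSS."""
    kev = {v["cveID"]: v for v in kev_feed["vulnerabilities"]}
    ranked = []
    for finding in findings:
        entry = kev.get(finding["cve"])
        due = date.fromisoformat(entry["dueDate"]) if entry else None
        ranked.append({
            **finding,
            "kev": entry is not None,
            "due": due,
            "days_left": (due - today).days if due else None,
            "overdue": bool(due and today > due),
        })
    # KEV membership outranks CVSS: a 9.8 that is not in KEV sorts below an 8.7 that is.
    ranked.sort(key=lambda r: (not r["kev"], r["due"] or date.max, -r["cvss"]))
    return ranked

if __name__ == "__main__":
    for row in prioritize(FINDINGS, KEV_FEED, date(2026, 6, 9)):
        print(row["asset"], row["cve"], "KEV" if row["kev"] else "-", row["days_left"])
```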

Article Author

Jason Gomes

• Cybersecurity Practitioner

Cybersecurity professional with over 10 years of specialized experience in security operations, threat intelligence, incident response, and security automation. Expertise spans SOAR/XSOAR orchestration, threat intelligence platforms, SIEM/UEBA analytics, and building cyber fusion centers. Background includes technical enablement, solution architecture for enterprise and government clients, and implementing security automation workflows across IR, TIP, and SOC use cases.

Threat Intelligence & Analysis, Security Orchestration (SOAR/XSOAR), Incident Response & Digital Forensics, Security Operations Center (SOC), SIEM & Security Analytics, Cyber Fusion & Threat Sharing, Security Automation & Integration, Managed Detection & Response (MDR)

Tags

CISA, KEV, BOD 22-01, Vulnerability Management, LiteLLM, Check Point, Command Injection
