U.S. Cybersecurity Agency Adds Vulnerabilities to Known Exploited Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two significant vulnerabilities, identified by industry experts and researchers alike, to its Known Exploited Vulnerabilities (KEV) catalog. The additions underscore ongoing efforts to protect critical infrastructure from exploitation.
CVE-2026-42271: BerriAI LiteLLM Command Injection Vulnerability
The first vulnerability, identified as CVE-2026-42271, is a command injection flaw in the LiteLLM platform. This critical flaw affects LiteLLM versions 1.74.2 through 1.83.6 and allows attackers to execute arbitrary commands on the server by injecting malicious code into system configurations. The flaw is particularly concerning because of the lack of proper role-based access controls, which lets low-privileged users with valid API keys exploit it.
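To find deployments inside the affected range stated above, the following added example (not code from CISA, BerriAI or the original article) audits pip-freeze-style package lists per host. The host names and package lines are constructed sample data, and the function names are hypothetical.

```python
import re

# Affected range as stated in the article, inclusive on both ends.
AFFECTED_MIN = (1, 74, 2)
AFFECTED_MAX = (1, 83, 6)

# Pinned entry, e.g. "litellm==1.80.3" or "LiteLLM[proxy]==1.75.5.post1".
_PIN = re.compile(r"^\s*litellm(\[[^\]]*\])?\s*==\s*(\d+(?:\.\d+)*)", re.IGNORECASE)
# Any other litellm requirement (range, bare name); excludes "litellm-foo" packages.
_NAME = re.compile(r"^\s*litellm(\[[^\]]*\])?\s*($|[<>=!~;#@ ])", re.IGNORECASE)

def release_tuple(version):
    """Numeric release as a 3-tuple; suffixes such as rc1/.post1 are ignored,
    so a pre-release of a boundary version is conservatively treated as that version."""
    parts = [int(p) for p in version.split(".")]
    return tuple((parts + [0, 0, 0])[:3])

def classify(line):
    """Return 'affected', 'not_affected', 'unpinned', or None if not a litellm line."""
    pin = _PIN.match(line)
    if pin:
        rel = release_tuple(pin.group(2))
        return "affected" if AFFECTED_MIN <= rel <= AFFECTED_MAX else "not_affected"
    if _NAME.match(line):
        return "unpinned"  # installed version must be checked on the host itself
    return None

def audit(inventory):
    """Map host -> status for every host whose package list mentions litellm."""
    findings = {}
    for host, lines in inventory.items():
        for line in lines:
            status = classify(line)
            if status is not None:
                findings[host] = status
    return findings

# Constructed sample inventory (hypothetical hosts and package lists).
SAMPLE_INVENTORY = {
    "gw-01": ["fastapi==0.115.0", "litellm==1.80.3"],
    "gw-02": ["litellm[proxy]==1.83.7"],
    "gw-03": ["litellm>=1.70"],
    "batch-01": ["litellm==1.74.1", "requests==2.32.3"],
    "dev-01": ["litellm-proxy-extras==0.2.1", "requests==2.32.3"],
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```

Hosts reported as `unpinned` declare a version range rather than an exact version, so the installed release has to be confirmed on the machine before the host is cleared.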
CVE-2026-50751: Check Point Security Gateway Improper Authentication Vulnerability
The second flaw, tracked as CVE-2026-50751, is a critical authentication bypass vulnerability in the Check Point Security Gateway. This issue affects all versions of Check Point products and allows unauthenticated attackers to establish remote VPN connections without requiring valid credentials. The vulnerability is considered high-risk due to its potential for widespread exploitation across various organizations.
Implications and Mitigation
The addition of these vulnerabilities to CISA's KEV catalog highlights the growing threat landscape faced by critical infrastructure and corporate networks worldwide. Experts recommend that federal agencies address both vulnerabilities by June 11, 2026, while private organizations should review their own systems and mitigate the risks accordingly.
Action Required
To protect against these threats, CISA has issued orders for federal agencies to resolve the Check Point Security Gateway vulnerability by June 11, 2026. For private organizations, it is essential to address the LiteLLM flaw by June 22, 2026, as per FCEB (Federal Communications Commission) directives.
Conclusion
The U.S. CISA's expansion of its known exploited vulnerabilities catalog underscores the continuous need for vigilance and proactive measures in cybersecurity defense. As organizations navigate these threats, it is crucial to stay informed about the latest vulnerabilities and take immediate action to mitigate risks effectively.
Source: Security Affairs. AI-assisted editorial synthesis — TechnoExpress.

