CISA Catalogs Exploited Vulnerabilities in AI and Security Products Amid Active Attacks
CISA has added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog: CVE-2026-42271 in BerriAI's LiteLLM and CVE-2026-50751 in Check Point's Quantum Security Gateway. Both have been actively exploited, with the latter linked to a Qilin ransomware campaign. Organizations using these products must apply patches immediately or implement alternative mitigations to prevent unauthorized access.
Summary
CISA has recently updated its Known Exploited Vulnerabilities (KEV) Catalog by adding two critical vulnerabilities: CVE-2026-42271 and CVE-2026-50751, both of which are actively being exploited. The first vulnerability affects BerriAI's LiteLLM proxy server, allowing authenticated users to execute arbitrary commands on the host system due to insufficient endpoint security checks. The second vulnerability targets Check Point's Quantum Security Gateway, enabling unauthenticated attackers to bypass authentication and establish VPN connections using deprecated IKEv1 key exchange protocols.
What Happened
CVE-2026-42271 affects LiteLLM, a proxy server designed for calling LLM APIs in OpenAI or native formats. In versions 1.74.2 up to but not including 1.83.7, two endpoints allowed any user with a valid API key, regardless of privilege level, to execute arbitrary commands on the host system by submitting full server configurations. This vulnerability has been patched as of version 1.83.7.
CVE-2026-50751 impacts Check Point's Quantum Security Gateway, specifically affecting Remote Access and Mobile Access components that use deprecated IKEv1 key exchange protocols. The flaw allows unauthenticated attackers to bypass authentication processes entirely, enabling them to establish remote access VPN connections without valid user credentials. This vulnerability has been actively exploited since at least May 7, 2026.
How the Attack Works
For CVE-2026-42271, an attacker with a valid proxy API key could exploit the LiteLLM server by sending requests to endpoints that previewed MCP configurations before saving them. These endpoints accepted full server configurations in their request bodies, including commands and environment variables, which were then executed as subprocesses on the host system.
In the case of CVE-2026-50751, attackers exploited a logic flow weakness during certificate validation in IKEv1 key exchange protocols. This allowed them to bypass authentication requirements entirely, gaining access to VPN services without needing valid user credentials.
Affected Products and Fixed Versions
| Product | Vulnerability ID | Affected Versions | Fixed Version |
|---|---|---|---|
| BerriAI LiteLLM | CVE-2026-42271 | 1.74.2 to before 1.83.7 | 1.83.7 |
| Check Point Quantum Gateway | CVE-2026-50751 | R80.20.X, R80.40, R81, R81.10 (End of Support) | Hotfixes available |
Exploitation Status
Both vulnerabilities have been confirmed as actively exploited by malicious actors. Their inclusion in CISA's KEV Catalog underscores their severity and potential impact on federal enterprises and beyond.
Indicators of Compromise
For CVE-2026-50751, Check Point has identified specific indicators associated with exploitation campaigns:
- SHA-256 hash: 52fda5c1b9704544f32ee98d9060e68951d39aa39478beeac94f2d12f682ecce
This hash is linked to attacker infrastructure and post-exploitation activities, including ties to the Qilin ransomware operation.
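One way to hunt for the published hash on a host, as an added example that is not code from CISA, Check Point or Rapid7: the script below walks a directory tree, hashes each file with SHA-256 in fixed-size chunks so large files need not fit in memory, and reports any file whose digest appears in the IoC set. Only the hash in IOC_SHA256 comes from the advisory; the sample files written by run_demo() and the extra hash it derives from one of them are constructed for illustration, because a real match cannot be manufactured without the original file.

```python
"""Scan a directory tree for files matching the CVE-2026-50751 IoC hash.

Added example, not from the advisory authors. Only IOC_SHA256 is from the
page; everything written by run_demo() is constructed test data.
"""
import hashlib
import os
import tempfile
from pathlib import Path
from typing import Dict, Iterable, List

# SHA-256 hash published for the CVE-2026-50751 campaign (from the advisory).
IOC_SHA256 = {
    "52fda5c1b9704544f32ee98d9060e68951d39aa39478beeac94f2d12f682ecce",
}

CHUNK_SIZE = 1 << 20  # hash 1 MiB at a time so large files stream


def sha256_file(path: Path) -> str:
    """Return the lowercase hex SHA-256 digest of a file, read in chunks."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK_SIZE), b""):
            h.update(chunk)
    return h.hexdigest()


def scan_tree(root: Path, iocs: Iterable[str] = IOC_SHA256) -> List[Dict[str, str]]:
    """Walk root and return {path, sha256} for every file whose digest is in iocs."""
    wanted = {h.lower() for h in iocs}
    hits: List[Dict[str, str]] = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            try:
                digest = sha256_file(p)
            except OSError:
                continue  # unreadable file: skip it, do not abort the whole hunt
            if digest in wanted:
                hits.append({"path": str(p), "sha256": digest})
    return hits


def run_demo() -> List[str]:
    """Write constructed sample files to a temp dir and scan them.

    Returns the names of flagged files. 'sample.bin' is flagged only because
    its own digest is added to the IoC set as a constructed test hash.
    """
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "sample.bin").write_bytes(b"constructed sample payload\n")
        (root / "sub").mkdir()
        (root / "sub" / "benign.txt").write_bytes(b"nothing to see here\n")
        constructed_ioc = sha256_file(root / "sample.bin")
        hits = scan_tree(root, IOC_SHA256 | {constructed_ioc})
        return sorted(Path(h["path"]).name for h in hits)


if __name__ == "__main__":
    print(run_demo())
```

Feed scan_tree() a real path such as a VPN gateway's export directory or a file-share staging area; matches are worth triaging alongside the VPN log review the advisory recommends, since the hash is tied to post-exploitation activity rather than the initial authentication bypass.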
Detection Opportunities
Organizations can detect potential exploitation of these vulnerabilities through:
- Monitoring for unauthorized command execution on LiteLLM hosts.
- Auditing VPN access logs for unauthenticated connections in Check Point environments.
- Using security tools like Exposure Command, InsightVM, and Nexpose to assess exposure to CVE-2026-50751.
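The LiteLLM bullet above can be made concrete by watching for the two request paths the advisory names. The script below is an added example, not code from LiteLLM, CISA or the advisory authors; it assumes the proxy sits behind a reverse proxy that writes access logs in the nginx "combined" format (adapt LOG_RE for another format) and that the deployed LiteLLM version string is known. The log lines in SAMPLE_LOG are constructed for illustration. It flags POST requests to the vulnerable endpoints, counts them per client, and checks whether a version string falls in the affected range 1.74.2 up to but not including 1.83.7.

```python
"""Flag requests to the LiteLLM endpoints abused in CVE-2026-42271.

Added example; log format and sample lines are assumptions, the endpoint
paths and version range come from the advisory.
"""
import re
from collections import Counter
from typing import Dict, Iterable, List, Optional, Tuple

# The two MCP preview endpoints named in the advisory; in affected versions
# they executed the submitted server configuration as a subprocess.
VULNERABLE_ENDPOINTS = {
    "/mcp-rest/test/connection",
    "/mcp-rest/test/tools/list",
}

AFFECTED_MIN = (1, 74, 2)  # first affected release
FIXED = (1, 83, 7)         # patched release

# nginx "combined" access-log format (assumed); captures client, method, path, status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def parse_version(v: str) -> Optional[Tuple[int, int, int]]:
    """'v1.83.7-stable' -> (1, 83, 7); None when the string is not x.y.z."""
    m = re.match(r"^v?(\d+)\.(\d+)\.(\d+)", v.strip())
    return tuple(int(x) for x in m.groups()) if m else None  # type: ignore[return-value]


def is_affected_version(v: str) -> bool:
    """True when 1.74.2 <= version < 1.83.7 (the range given in the advisory)."""
    parsed = parse_version(v)
    return parsed is not None and AFFECTED_MIN <= parsed < FIXED


def find_hits(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Return one record per POST to a vulnerable endpoint; other lines are ignored."""
    hits: List[Dict[str, str]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip it rather than stop the scan
        path = m["path"].split("?", 1)[0]  # drop any query string before matching
        if m["method"] == "POST" and path in VULNERABLE_ENDPOINTS:
            hits.append({"client": m["client"], "ts": m["ts"],
                         "path": path, "status": m["status"]})
    return hits


def clients_by_hits(hits: Iterable[Dict[str, str]]) -> Counter:
    """Count flagged requests per source client to surface the noisiest callers."""
    return Counter(h["client"] for h in hits)


# Constructed sample access log: two abusive POSTs from 10.0.0.5, a normal
# completion call, a GET that the endpoint rejects, and one garbage line.
SAMPLE_LOG = [
    '10.0.0.5 - - [09/Jun/2026:10:15:02 +0000] "POST /mcp-rest/test/connection HTTP/1.1" 200 512 "-" "python-requests/2.31"',
    '10.0.0.7 - - [09/Jun/2026:10:15:09 +0000] "POST /v1/chat/completions HTTP/1.1" 200 2048 "-" "curl/8.5.0"',
    '10.0.0.5 - - [09/Jun/2026:10:15:11 +0000] "POST /mcp-rest/test/tools/list?x=1 HTTP/1.1" 200 310 "-" "python-requests/2.31"',
    '10.0.0.9 - - [09/Jun/2026:10:16:00 +0000] "GET /mcp-rest/test/connection HTTP/1.1" 405 0 "-" "Mozilla/5.0"',
    "garbage line that does not parse",
]


if __name__ == "__main__":
    print("deployed 1.80.0 affected:", is_affected_version("1.80.0"))
    for hit in find_hits(SAMPLE_LOG):
        print(hit)
    print(clients_by_hits(find_hits(SAMPLE_LOG)))
```

Hits on these endpoints are not proof of compromise on their own, since the preview endpoints have legitimate administrative uses; the useful signal is a hit from a key or client that has no business configuring MCP servers, on a host whose version is_affected_version() reports as vulnerable, correlated with unexpected child processes of the proxy.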
Defender Guidance
For CVE-2026-42271, organizations should:
- Upgrade LiteLLM to version 1.83.7 immediately.
- If upgrading is not possible, block the vulnerable endpoints (`POST /mcp-rest/test/connection` and `POST /mcp-rest/test/tools/list`) at their reverse proxy or API gateway.
For CVE-2026-50751, organizations should:
- Apply Check Point's hotfixes as soon as possible.
- Remove support for legacy remote access clients.
- Configure Remote Access VPN authentication to use IKEv2 only and set machine certificate authentication as mandatory.
- Enable IPS and download the latest signatures.
- Conduct forensic log audits and configuration reviews starting from May 7, 2026.
What Remains Unclear
While both vulnerabilities have been patched or mitigated, it remains unclear how widespread the exploitation has become outside of reported incidents. Additionally, the full extent of any data breaches resulting from these exploits is not yet confirmed. Organizations are advised to remain vigilant and monitor for any signs of compromise.
Sources
- https://www.cisa.gov/news-events/alerts/2026/06/08/cisa-adds-two-known-exploited-vulnerabilities-catalog
- https://www.rapid7.com/blog/post/etr-critical-check-point-vpn-zero-day-exploited-in-the-wild-cve-2026-50751
- https://thehackernews.com/2026/06/critical-check-point-vpn-flaw-exploited.html
- https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g
- https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable
- https://support.checkpoint.com/results/sk/sk185033
