logo

CISA KEV Highlights LiteLLM RCE (CVE-2026-42271) & Check Point VPN Auth Bypass (CVE-2026-50751)

ID: ef4ba4d3-3db5-5a25-88e7-cdb190e6bf1e

STIX ID: report--ef4ba4d3-3db5-5a25-88e7-cdb190e6bf1e

Feed Name: SOCRadar Blog

Threat Score
78/100

Date Published: 2026-06-09

Date Updated: 2026-06-10

Author: Ameer Owda

...
...

This report summarizes two high-risk vulnerabilities added to CISA's Known Exploited Vulnerabilities catalog — CVE-2026-42271 (LiteLLM MCP test endpoints leading to possible command execution, potentially chainable with a Starlette Host header bypass) and CVE-2026-50751 (Check Point Remote Access/Mobile Access authentication bypass when using IKEv1) — notes active exploitation (including limited targeted activity linked to a Qilin ransomware affiliate for the Check Point issue), provides affected versions, exposure contexts, remediation deadlines, and prioritized mitigation guidance; it also highlights CVE-2026-23111 (Linux nf_tables local privilege escalation) as operationally important for multi-tenant and containerized environments.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.