CISA KEV Highlights LiteLLM RCE (CVE-2026-42271) & Check Point VPN Auth Bypass (CVE-2026-50751)
ID: ef4ba4d3-3db5-5a25-88e7-cdb190e6bf1e
STIX ID: report--ef4ba4d3-3db5-5a25-88e7-cdb190e6bf1e
Feed Name: SOCRadar Blog
This report summarizes two high-risk vulnerabilities added to CISA's Known Exploited Vulnerabilities catalog — CVE-2026-42271 (LiteLLM MCP test endpoints leading to possible command execution, potentially chainable with a Starlette Host header bypass) and CVE-2026-50751 (Check Point Remote Access/Mobile Access authentication bypass when using IKEv1) — notes active exploitation (including limited targeted activity linked to a Qilin ransomware affiliate for the Check Point issue), provides affected versions, exposure contexts, remediation deadlines, and prioritized mitigation guidance; it also highlights CVE-2026-23111 (Linux nf_tables local privilege escalation) as operationally important for multi-tenant and containerized environments.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
