PT-2026-37176 · Litellm · Litellm
Jaydns · Published 2026-04-24 · Updated 2026-05-22 · CVE-2026-42203
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: LiteLLM versions 1.80.5 through 1.83.6
Description: The 'POST /prompts/test' endpoint accepts user-supplied prompt templates and renders them without sandboxing. An authenticated user holding a valid proxy API key can supply a crafted template that executes arbitrary code within the LiteLLM Proxy process. This may expose environment secrets, such as database credentials or provider API keys, and allow command execution on the host system.
Recommendations: Update to version 1.83.7. Block the 'POST /prompts/test' endpoint at the reverse proxy or API gateway. Review and rotate API keys that should not have access to prompt management routes.
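As an added example (not LiteLLM's own code), a gateway-side implementation of the interim steps above: a check of a running version against the affected range, a deny rule for POST /prompts/test that normalizes the request path before matching, and a pass over constructed access-log lines to find which keys used the route and so belong at the top of the rotation list. The log line format, key identifiers and request targets are assumptions.

```python
# Added example, not LiteLLM code: bounds and route from the advisory; data constructed.
AFFECTED_MIN = (1, 80, 5)  # first affected release per the advisory
AFFECTED_MAX = (1, 83, 6)  # last affected release; 1.83.7 carries the fix
BLOCKED_ROUTES = {("POST", "/prompts/test")}

def parse_version(text: str) -> tuple:
    """'1.83.6' or 'v1.83.6' -> (1, 83, 6); stops at a non-numeric piece."""
    parts = []
    for piece in text.strip().lstrip("v").split("."):
        if not piece.isdigit():
            break
        parts.append(int(piece))
    return tuple(parts)

def is_affected(version: str) -> bool:
    """True when the running LiteLLM version lies in the affected range."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX

def normalize_path(target: str) -> str:
    """Comparable path: drop query/fragment, collapse repeated slashes,
    resolve '.' and '..' segments, strip any trailing slash."""
    path = target.split("?", 1)[0].split("#", 1)[0]
    segments = []
    for seg in path.split("/"):
        if seg == "..":
            del segments[-1:]  # no-op on an empty list
        elif seg not in ("", "."):
            segments.append(seg)
    return "/" + "/".join(segments)

def should_block(method: str, target: str) -> bool:
    """Deny rule implementing the advisory's interim mitigation."""
    return (method.upper(), normalize_path(target)) in BLOCKED_ROUTES

def keys_that_hit_route(log_lines) -> list:
    """Key ids seen calling the blocked route, to prioritise the advisory's
    'rotate API keys' step. Constructed format: '<key> <METHOD> <target> <status>'."""
    hits = set()
    for line in log_lines:
        key_id, method, target, _status = line.split()
        if should_block(method, target):
            hits.add(key_id)
    return sorted(hits)

# Constructed access-log sample; key ids and targets are illustrative.
CONSTRUCTED_LOG = [
    "key-a1 POST /chat/completions 200",
    "key-b2 POST /prompts/test 200",
    "key-c3 GET /prompts/test 405",
    "key-d4 POST /prompts//test/?dry_run=1 200",
]
```

The deny rule matches on the normalized path so that a trailing slash, a doubled slash or a query string does not slip past a literal string comparison; apply it after the gateway's own URL normalization, not instead of it.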

Related Identifiers

CVE-2026-42203
GHSA-XQMJ-J6MV-4862

Affected Products

Litellm