The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.
SecurityWeek

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure

Hackers rushed to target a critical LiteLLM SQL injection flaw to steal keys, credentials, and environment-variable ...
Hosted on MSN

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Malicious SVG uploads in DotNetNuke execute JavaScript when clicked Attack requires only one admin click to trigger full server compromise XSS flaw allows attackers to act using the victim’s ...