CPE
A command injection vulnerability exists in LiteLLM versions 1.74.2 to < 1.83.7, allowing authenticated users with a valid API key to execute arbitrary OS commands as root via the MCP stdio transport through the `POST /mcp-rest/test/connection` and `POST /mcp-rest/test/tools/list` endpoints, especially in default Docker deployments, and a public exploit is available.