Is CVE-2026-40217 in the CISA Known Exploited Vulnerabilities catalog?

CVE-2026-40217 is not currently listed in the CISA KEV catalog.

Vulnerability intelligence

CVE-2026-40217

Auth bypass → admin privilege escalation → Python sandbox escape via unfiltered exec() → MCP callback injection. The open-source AI gateway used to route requests between Claude, GPT, and Gemini had a kill chain from viewer to root. Patched in v1.83.14.

2026

What WebPulse reported · 1 analysis

LiteLLM AI Gateway: CVSS 9.9. Four Chained Vulnerabilities Let a Low-Privilege User Hijack Claude Code Responses.

Auth bypass → admin privilege escalation → Python sandbox escape via unfiltered exec() → MCP callback injection. The open-source AI gateway used to route reques

June 16, 2026

View CVE-2026-40217 on the NIST National Vulnerability Database →

Related vulnerabilities

CVE-2026-9082 CVE-2026-8206 CVE-2026-48019 CVE-2026-35273 CVE-2026-11645 CVE-2026-8181 CVE-2026-47291 CVE-2026-45657