LiteLLM Discloses CVE-2026-30623: Command Injection via Anthropic's MCP SDK STDIO Transport — Patch Your Proxy If You Expose MCP Endpoints
LiteLLM·medium signal
LiteLLM published a security advisory for CVE-2026-30623, a command injection vulnerability in how the Anthropic MCP SDK handles STDIO transport. If your LiteLLM proxy exposes MCP endpoints, attackers can inject arbitrary commands via crafted server configurations. LiteLLM shipped a patch adding input sanitization. Practical action: update LiteLLM immediately and audit any MCP server configs accepting user-provided command strings.