Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

litellm — Vulnerabilities & Security Advisories 24

All 24 CVE vulnerabilities found in litellm, with AI-generated Chinese analysis, references, and POCs.

This page details vulnerabilities associated with the LiteLLM product, focusing on software weaknesses within this specific provider ecosystem. It aggregates a comprehensive collection of security issues, encompassing critical flaws, configuration errors, and logic bugs discovered across various versions of the LiteLLM deployment. The data presented covers vulnerability records from 2023 to the present, ensuring that users have access to both historical context and the most recent security advisories relevant to the platform. By centralizing this information, the page serves as a vital resource for security analysts and developers who need to assess the risk profile of their LiteLLM infrastructure. Readers can track the vendor’s disclosure patterns and understand the evolution of weakness classes within the project. Furthermore, users can look up the complete vulnerability history of LiteLLM to identify recurring themes or persistent issues that may impact long-term stability. This consolidated view allows teams to prioritize patching efforts based on severity and relevance rather than searching through scattered sources. Understanding the specific attack vectors and mitigation strategies documented here is essential for maintaining the integrity of applications that rely on LiteLLM as a proxy for multiple LLM APIs. The page is structured to facilitate quick reference and deep analysis, supporting proactive security management without requiring extensive manual research.

Vendor: LiteLLM

CVE IDTitleCVSSSeverityPublished
CVE-2026-59819 LiteLLM: Local file read via request-supplied OIDC file references CWE-73--2026-07-08
CVE-2026-59822 LiteLLM: MCP Authentication Bypass via OAuth2 Passthrough Fallback CWE-287--2026-07-08
CVE-2026-59820 LiteLLM: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-22--2026-07-08
CVE-2026-59821 LiteLLM: Custom Code Guardrails production endpoints bypass code safety checks CWE-94--2026-07-08
CVE-2026-49468 LiteLLM: Authentication Bypass via Host Header Injection CWE-290--2026-06-22
CVE-2026-12799 BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization CWE-285 4.3 Medium2026-06-21
CVE-2026-12798 BerriAI litellm MCP OpenAPI Spec Loader openapi_to_mcp_generator.py load_openapi_spec_async server-side request forgery CWE-918 6.3 Medium2026-06-21
CVE-2026-12797 BerriAI litellm Completions banned_keywords.py async_pre_call_hook authorization CWE-863 6.3 Medium2026-06-21
CVE-2026-12796 BerriAI litellm SSO Authentication Flow ui_sso.py get_redirect_response_from_openid session expiration CWE-613 6.3 Medium2026-06-21
CVE-2026-12795 BerriAI litellm SSO Debug Flow ui_sso.py json.dumps missing authentication CWE-306 7.3 High2026-06-21
CVE-2026-12774 BerriAI litellm MCP Server Connection Testing rest_endpoints.py _execute_with_mcp_client server-side request forgery CWE-918 6.3 Medium2026-06-21
CVE-2026-12773 BerriAI litellm MCP Proxy user_api_key_auth_mcp.py UserAPIKeyAuth improper authentication CWE-287 7.3 High2026-06-21
CVE-2026-12772 BerriAI litellm PROXY_ADMIN database API Key Generator login_utils.py authenticate_user session expiration CWE-613 6.3 Medium2026-06-21
CVE-2026-12771 BerriAI litellm M2M JWT user_api_key_auth.py improper authorization CWE-285 5.0 Medium2026-06-21
CVE-2026-12770 BerriAI litellm Admin Key key_management_endpoints.py improper authorization CWE-285 5.4 Medium2026-06-21
CVE-2026-47102 LiteLLM < 1.83.10 Privilege Escalation via User Update CWE-863 8.8 High2026-05-21
CVE-2026-47101 LiteLLM < 1.83.14 Privilege Escalation via API Key Generation CWE-863 8.8 High2026-05-21
CVE-2026-42208 LiteLLM: SQL injection in Proxy API key verification CWE-89 9.1AICriticalAI2026-05-08
CVE-2026-42203 LiteLLM: Server-Side Template Injection in /prompts/test endpoint CWE-1336 9.6AICriticalAI2026-05-08
CVE-2026-42271 LiteLLM: Authenticated command execution via MCP stdio test endpoints CWE-77 9.8AICriticalAI2026-05-08
CVE-2026-40217 LiteLLM 安全漏洞 CWE-420 8.8 High2026-04-10
CVE-2026-35030 LiteLLM has an authentication bypass via OIDC userinfo cache key collision CWE-287 6.5AIMediumAI2026-04-06
CVE-2026-35029 LiteLLM affected by privilege escalation via unrestricted proxy configuration endpoint CWE-863 8.8AIHighAI2026-04-06
CVE-2025-11203 LiteLLM Information health API_KEY Information Disclosure Vulnerability CWE-200 6.5AIMediumAI2025-10-29

All 24 known CVE vulnerabilities affecting litellm with full Chinese analysis, references, and POCs where available.