Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: litellm Clear
ID Title
CVE-2026-12799 Vulnerability in litellm (CVE-2026-12799)
vulnerability in litellm (CVE-2026-12799). Risk of unauthorized operations or information disclosure.
CVE-2026-12798 SSRF (Server-Side Request Forgery) in litellm (CVE-2026-12798)
SSRF in litellm (CVE-2026-12798). Risk of unauthorized operations or information disclosure.
CVE-2026-12797 Vulnerability in litellm (CVE-2026-12797)
vulnerability in litellm (CVE-2026-12797). Risk of unauthorized operations or information disclosure.
CVE-2026-12796 Vulnerability in litellm (CVE-2026-12796)
vulnerability in litellm (CVE-2026-12796). Risk of unauthorized operations or information disclosure.
CVE-2026-12795 Authentication Bypass in litellm (CVE-2026-12795)
authentication bypass in litellm (CVE-2026-12795). Risk of unauthorized operations or information disclosure.
CVE-2026-12774 SSRF (Server-Side Request Forgery) in litellm (CVE-2026-12774)
SSRF in litellm (CVE-2026-12774). Risk of unauthorized operations or information disclosure.
CVE-2026-12773 A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
CVE-2026-12772 Vulnerability in litellm (CVE-2026-12772)
vulnerability in litellm (CVE-2026-12772). Risk of unauthorized operations or information disclosure.
CVE-2026-12771 Vulnerability in litellm (CVE-2026-12771)
vulnerability in litellm (CVE-2026-12771). Risk of unauthorized operations or information disclosure.
CVE-2026-12770 Vulnerability in litellm (CVE-2026-12770)
vulnerability in litellm (CVE-2026-12770). Risk of unauthorized operations or information disclosure.
CVE-2026-49468 Vulnerability in litellm (CVE-2026-49468)
vulnerability in litellm (CVE-2026-49468). Successful exploitation can lead to full system takeover. Exploitable via ``request.url.path``. Mitigation: upgrade to `1.84.0` or later.
CVE-2026-47102 Authorization Flaw in litellm (CVE-2026-47102)
vulnerability in litellm (CVE-2026-47102). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.10` or later.
CVE-2026-47101 Authorization Flaw in litellm (CVE-2026-47101)
vulnerability in litellm (CVE-2026-47101). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.14` or later.
CVE-2026-40217 Vulnerability in litellm (CVE-2026-40217)
vulnerability in litellm (CVE-2026-40217). Successful exploitation can lead to full system takeover. Exploitable via `POST /guardrails/test_custom_code`. Mitigation: upgrade to `1.83.10` or later.
CVE-2026-42271 KEV [KEV] Command Injection in Berriai litellm (CVE-2026-42271)
command injection in Berriai litellm (CVE-2026-42271). Successful exploitation can lead to full system takeover. Exploitable via `POST /mcp-rest/test/connection`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.83.7` or later.
CVE-2026-42203 Vulnerability in litellm (CVE-2026-42203)
vulnerability in litellm (CVE-2026-42203). Successful exploitation can lead to full system takeover. Exploitable via `POST /prompts/test`. Mitigation: upgrade to `1.83.7` or later.
CVE-2026-42208 KEV [KEV] SQL Injection in Berriai litellm (CVE-2026-42208)
SQL injection in Berriai litellm (CVE-2026-42208). Successful exploitation can lead to full system takeover. Exploitable via `POST /chat/completions`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `>=1.83.7` or later.
CVE-2026-35029 Authorization Flaw in litellm (CVE-2026-35029)
vulnerability in litellm (CVE-2026-35029). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.0` or later.
CVE-2026-35030 Authentication Bypass in litellm (CVE-2026-35030)
authentication bypass in litellm (CVE-2026-35030). Confidential information can be exposed externally. Mitigation: upgrade to `1.83.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →