Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-12799 |
|
Vulnerability in litellm (CVE-2026-12799)
vulnerability in litellm (CVE-2026-12799). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12798 |
|
SSRF (Server-Side Request Forgery) in litellm (CVE-2026-12798)
SSRF in litellm (CVE-2026-12798). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12797 |
|
Vulnerability in litellm (CVE-2026-12797)
vulnerability in litellm (CVE-2026-12797). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12796 |
|
Vulnerability in litellm (CVE-2026-12796)
vulnerability in litellm (CVE-2026-12796). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12795 |
|
Authentication Bypass in litellm (CVE-2026-12795)
authentication bypass in litellm (CVE-2026-12795). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12774 |
|
SSRF (Server-Side Request Forgery) in litellm (CVE-2026-12774)
SSRF in litellm (CVE-2026-12774). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12773 |
|
A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
|
| CVE-2026-12772 |
|
Vulnerability in litellm (CVE-2026-12772)
vulnerability in litellm (CVE-2026-12772). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12771 |
|
Vulnerability in litellm (CVE-2026-12771)
vulnerability in litellm (CVE-2026-12771). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12770 |
|
Vulnerability in litellm (CVE-2026-12770)
vulnerability in litellm (CVE-2026-12770). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49468 |
|
Vulnerability in litellm (CVE-2026-49468)
vulnerability in litellm (CVE-2026-49468). Successful exploitation can lead to full system takeover. Exploitable via ``request.url.path``. Mitigation: upgrade to `1.84.0` or later.
|
| CVE-2026-47102 |
|
Authorization Flaw in litellm (CVE-2026-47102)
vulnerability in litellm (CVE-2026-47102). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.10` or later.
|
| CVE-2026-47101 |
|
Authorization Flaw in litellm (CVE-2026-47101)
vulnerability in litellm (CVE-2026-47101). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.14` or later.
|
| CVE-2026-40217 |
|
Vulnerability in litellm (CVE-2026-40217)
vulnerability in litellm (CVE-2026-40217). Successful exploitation can lead to full system takeover. Exploitable via `POST /guardrails/test_custom_code`. Mitigation: upgrade to `1.83.10` or later.
|
| CVE-2026-42271 KEV |
|
[KEV] Command Injection in Berriai litellm (CVE-2026-42271)
command injection in Berriai litellm (CVE-2026-42271). Successful exploitation can lead to full system takeover. Exploitable via `POST /mcp-rest/test/connection`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.83.7` or later.
|
| CVE-2026-42203 |
|
Vulnerability in litellm (CVE-2026-42203)
vulnerability in litellm (CVE-2026-42203). Successful exploitation can lead to full system takeover. Exploitable via `POST /prompts/test`. Mitigation: upgrade to `1.83.7` or later.
|
| CVE-2026-42208 KEV |
|
[KEV] SQL Injection in Berriai litellm (CVE-2026-42208)
SQL injection in Berriai litellm (CVE-2026-42208). Successful exploitation can lead to full system takeover. Exploitable via `POST /chat/completions`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `>=1.83.7` or later.
|
| CVE-2026-35029 |
|
Authorization Flaw in litellm (CVE-2026-35029)
vulnerability in litellm (CVE-2026-35029). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.0` or later.
|
| CVE-2026-35030 |
|
Authentication Bypass in litellm (CVE-2026-35030)
authentication bypass in litellm (CVE-2026-35030). Confidential information can be exposed externally. Mitigation: upgrade to `1.83.0` or later.
|