Lucene search
K

75 matches found

Nuclei
Nuclei
added yesterday29 views

LiteLLM - Arbitrary File Read

LiteLLM 1.83.0 contains a broken access control vulnerability caused by lack of admin role enforcement on /config/update endpoint, letting authenticated users modify configurations, execute code, read files, and take over accounts. id: CVE-2026-35029 info: name: LiteLLM - Arbitrary File Read...

8.8CVSS6.2AI score0.26409EPSS
Exploits2References3
Cvelist
Cvelist
added 6 days ago27 views

CVE-2026-58143 Cotonti Siena 0.9.26 CSRF via admin.php Config Update Endpoint

Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attackers to modify administrator configuration by tricking a logged-in administrator into submitting a forged POST request to the admin.php config update handler, which never invokes...

8.8CVSS0.00175EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-57002

Name of the Vulnerable Software and Affected Versions Cotonti Siena versions prior to 0.9.27 Description A cross-site request forgery CSRF issue exists where unauthenticated attackers can modify administrator configurations. This occurs because the admin.php config update handler does not invoke...

8.8CVSS6.3AI score0.00175EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-389 litellm vulnerable to remote code execution based on using eval unsafely

BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the adddeployment function, which decodes and decrypts environment variables from base64 and assigns them to os.environ. An attacker can exploit this by sendin...

9.8CVSS7.6AI score0.00875EPSS
Exploits0References7
OSV
OSV
added 2026/06/18 6:4 a.m.4 views

CVE-2026-55741 Cotonti CSRF in admin.config.php allows unauthorized configuration changes

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration configuration handler. In system/admin/admin.config.php, the configuration update action 'a=update' processes POST data via cotconfigupdateoptions without calling cotcheckxg to validate...

8.7CVSS6.1AI score0.00176EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.9 views

CVE-2026-43985

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose configUpdate as a state-changing administrator endpoint, but the route does not enforce POST and does not use any anti-CSRF token. In the default form and JWT-based authentication mode,...

8.8CVSS5.3AI score0.00146EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 4:16 p.m.15 views

CVE-2026-43985

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose configUpdate as a state-changing administrator endpoint, but the route does not enforce POST and does not use any anti-CSRF token. In the default form and JWT-based authentication mode,...

8.8CVSS0.00146EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:32 p.m.7 views

CVE-2026-43985

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose configUpdate as a state-changing administrator endpoint, but the route does not enforce POST and does not use any anti-CSRF token. In the default form and JWT-based authentication mode,...

8.8CVSS5.8AI score0.00146EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 2:32 p.m.10 views

CVE-2026-43985 Taultulli has CSRF in /configUpdate via missing anti-CSRF and method restriction that allows admin credential takeover

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose configUpdate as a state-changing administrator endpoint, but the route does not enforce POST and does not use any anti-CSRF token. In the default form and JWT-based authentication mode,...

8.8CVSS5.8AI score0.00146EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 2:32 p.m.10 views

EUVD-2026-34285

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose configUpdate as a state-changing administrator endpoint, but the route does not enforce POST and does not use any anti-CSRF token. In the default form and JWT-based authentication mode,...

8.8CVSS5.8AI score0.00146EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 2:32 p.m.18 views

CVE-2026-43985

Tautulli (Python-based Plex monitoring) before v2.17.1 exposes the admin-changing endpoint /configUpdate without enforcing POST or anti-CSRF checks. In default form/JWT modes, the SameSite=Lax cookie permits top-level cross-site requests, enabling an attacker to coerce a logged-in admin to submit...

8.8CVSS5.8AI score0.00146EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 2:32 p.m.37 views

CVE-2026-43985 Taultulli has CSRF in /configUpdate via missing anti-CSRF and method restriction that allows admin credential takeover

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose configUpdate as a state-changing administrator endpoint, but the route does not enforce POST and does not use any anti-CSRF token. In the default form and JWT-based authentication mode,...

8.8CVSS0.00146EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/19 8:8 a.m.129 views

Exploit for Incorrect Authorization in Litellm

CVE-2026-35029 – LiteLLM /config/update privilege escalation...

8.8CVSS6AI score0.26409EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/04/07 2:13 p.m.6 views

CVE-2026-35029

A flaw was found in LiteLLM, an AI Gateway proxy server. An authenticated user can exploit a missing authorization check on the /config/update endpoint. This allows the user to modify proxy configurations and environment variables, leading to remote code execution by registering custom endpoint...

8.8CVSS6.5AI score0.26409EPSS
Exploits2References4
Cvelist
Cvelist
added 2026/04/06 4:35 p.m.35 views

CVE-2026-35029 LiteLLM affected by privilege escalation via unrestricted proxy configuration endpoint

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configuration and environment...

8.7CVSS0.26409EPSS
Exploits2References1
OSV
OSV
added 2026/04/06 4:35 p.m.2 views

CVE-2026-35029 LiteLLM affected by privilege escalation via unrestricted proxy configuration endpoint

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configuration and environment...

8.7CVSS6.3AI score0.26409EPSS
Exploits2References10
Vulnrichment
Vulnrichment
added 2026/04/06 4:35 p.m.4 views

CVE-2026-35029 LiteLLM affected by privilege escalation via unrestricted proxy configuration endpoint

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configuration and environment...

8.7CVSS6.3AI score0.26409EPSS
Exploits2References1
CVE
CVE
added 2026/04/06 4:35 p.m.91 views

CVE-2026-35029

CVE-2026-35029 affects LiteLLM, a proxy AI Gateway. The /config/update endpoint lacks admin authorization, allowing an authenticated user to modify proxy config and environment variables, register attacker-controlled Python code handlers, achieve remote code execution, read arbitrary server files...

8.8CVSS6.3AI score0.26409EPSS
Exploits2References8Affected Software1
Veracode
Veracode
added 2026/04/04 5:28 a.m.9 views

Privilege Escalation

LiteLLM is vulnerable to Privilege Escalation. The vulnerability is due to missing admin authorization checks on the /config/update endpoint, which allows an authenticated attacker to modify configurations, execute arbitrary code, and access sensitive data...

8.8CVSS6AI score0.26409EPSS
Exploits2References10Affected Software1
Snyk
Snyk
added 2026/04/03 9:59 p.m.6 views

Incorrect Authorization

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Incorrect Authorization in the /config/update endpoint due to missing authorization checks. An attacker can modify proxy configuration, register custom endpoint handlers to...

9.9CVSS6AI score0.26409EPSS
Exploits2References2
Rows per page
Query Builder