2 matches found
CVE-2026-59819
A flaw was found in LiteLLM, a proxy server for Large Language Model LLM APIs. A privileged caller, such as a proxy administrator, with permissions to test model connections, could exploit the /health/testconnection endpoint. By supplying specific environment or OIDC OpenID Connect file reference...
CVE-2026-59819
LiteLLM (proxy server AI Gateway) prior to 1.83.10-stable allows a privileged caller via /health/test_connection to resolve request-supplied litellm_params environment and OIDC file references, enabling potential local file reads through an oidc/file/ reference. This is fixed in version 1.83.10-s...