Lucene search
K

416 matches found

Nuclei
Nuclei
added yesterday28 views

LiteLLM - SQL Injection

LiteLLM 1.81.16 to 1.83.7 contains a SQL injection caused by improper handling of caller-supplied key in database query during proxy API key checks, letting unauthenticated attackers read and modify database data, exploit requires crafted Authorization header. id: CVE-2026-42208 info: name: LiteL...

9.8CVSS6.2AI score0.86607EPSS
Exploits7References3
Nuclei
Nuclei
added yesterday15 views

LiteLLM - Command Injection

A critical unauthenticated remote code execution vulnerability exists in LiteLLM due to improper input handling in the MCP stdio test endpoint. An attacker can send a specially crafted request to the /mcp-rest/test/connection endpoint with controlled parameters, resulting in arbitrary command...

8.8CVSS7.2AI score0.80188EPSS
Exploits4References4
Nuclei
Nuclei
added yesterday28 views

LiteLLM - Arbitrary File Read

LiteLLM 1.83.0 contains a broken access control vulnerability caused by lack of admin role enforcement on /config/update endpoint, letting authenticated users modify configurations, execute code, read files, and take over accounts. id: CVE-2026-35029 info: name: LiteLLM - Arbitrary File Read...

8.8CVSS6.2AI score0.26409EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday85 views

LiteLLM - Server-Side Request Forgery

LiteLLM vulnerable to Server-Side Request Forgery SSRF vulnerability Exposes OpenAI API Keys. id: CVE-2024-6587 info: name: LiteLLM - Server-Side Request Forgery author: pdresearch,iamnoooob,rootxharsh,lambdasawa severity: high description: | LiteLLM vulnerable to Server-Side Request Forgery SSRF...

7.5CVSS7.1AI score0.37197EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-59821

A flaw was found in LiteLLM, a proxy server for Large Language Model LLM APIs. A privileged user with access to create or update custom code guardrails could exploit this vulnerability. The flaw allowed the user to submit custom Python code that would execute within the LiteLLM proxy environment,...

7.2CVSS6.1AI score0.00288EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 5 days ago5 views

CVE-2026-59819

A flaw was found in LiteLLM, a proxy server for Large Language Model LLM APIs. A privileged caller, such as a proxy administrator, with permissions to test model connections, could exploit the /health/testconnection endpoint. By supplying specific environment or OIDC OpenID Connect file reference...

4.9CVSS6AI score0.00278EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 5 days ago10 views

CVE-2026-59820

A flaw was found in LiteLLM, a proxy server for Large Language Model LLM APIs. An authenticated user, with specific API route access, could upload a specially crafted skill archive. This archive, containing path traversal entries, would allow files to be written outside of the designated extracti...

8.1CVSS6AI score0.00323EPSS
Exploits0References7
Snyk
Snyk
added 6 days ago6 views

External Control of File Name or Path

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to External Control of File Name or Path via request-supplied OIDC file references through the /health/testconnection handler in litellm/proxy/healthendpoints/healthendpoints....

6.9CVSS6.2AI score0.00278EPSS
Exploits0References2
Snyk
Snyk
added 6 days ago6 views

Authentication Bypass Using an Alternate Path or Channel

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the OAuth2 passthrough fallback in MCPRequestHandler.processmcprequest in...

8.8CVSS6.1AI score0.00286EPSS
Exploits0References2
NVD
NVD
added 6 days ago8 views

CVE-2026-59819

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.83.10-stable, LiteLLM's /health/testconnection endpoint resolved request-supplied environment and OIDC file references in litellmparams, allowing a proxy administrator or another privileged caller with...

4.9CVSS0.00278EPSS
Exploits0References3
NVD
NVD
added 6 days ago5 views

CVE-2026-59822

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoint allowed an unauthenticated attacker to use a fabricated Authorization header to trigger an OAuth2 passthrough fallback path that replaced failed LiteLLM key...

8.8CVSS0.00286EPSS
Exploits0References4
NVD
NVD
added 6 days ago5 views

CVE-2026-59821

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.82.0-stable, LiteLLM's Custom Code Guardrails production create and update paths did not apply the same sandboxing and validation used by the test endpoint, allowing a privileged user with access to creat...

7.2CVSS0.00288EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-59819 LiteLLM: Local file read via request-supplied OIDC file references

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.83.10-stable, LiteLLM's /health/testconnection endpoint resolved request-supplied environment and OIDC file references in litellmparams, allowing a proxy administrator or another privileged caller with...

2.1CVSS0.00278EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-59822 LiteLLM: MCP Authentication Bypass via OAuth2 Passthrough Fallback

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoint allowed an unauthenticated attacker to use a fabricated Authorization header to trigger an OAuth2 passthrough fallback path that replaced failed LiteLLM key...

8.8CVSS0.00286EPSS
Exploits0References4
CVE
CVE
added 6 days ago30 views

CVE-2026-59822

LiteLLM (proxy server for LLM APIs)Prior to 1.84.0, LiteLLM’s MCP Streamable HTTP endpoint was vulnerable to an unauthenticated exploit where a fabricated Authorization header triggered an OAuth2 passthrough fallback. This path replaced failed LiteLLM key validation with an empty UserAPIKeyAuth()...

8.8CVSS6AI score0.00286EPSS
Exploits0References4Affected Software1
CVE
CVE
added 6 days ago5 views

CVE-2026-59820

LiteLLM is a proxy AI gateway. A path traversal flaw existed in LiteLLM Skills archive extraction prior to version 1.83.7-stable, where uploaded skill ZIPs could write outside the intended extraction directory when an authenticated user accessed LLM API routes or held a key with /v1/skills, anthr...

6.5CVSS5.9AI score0.00323EPSS
Exploits0References4Affected Software1
CVE
CVE
added 6 days ago7 views

CVE-2026-59821

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.82.0-stable, LiteLLM's Custom Code Guardrails production create and update paths did not apply the same sandboxing and validation used by the test endpoint, allowing a privileged user with access to creat...

7.2CVSS6AI score0.00288EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-56544

Name of the Vulnerable Software and Affected Versions LiteLLM versions prior to 1.82.0-stable Description LiteLLM is a proxy server that acts as an AI Gateway for calling LLM APIs. A flaw exists in the production create and update paths of the Custom Code Guardrails, which failed to apply the sam...

2.1CVSS6.1AI score0.00288EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-56542

Name of the Vulnerable Software and Affected Versions LiteLLM versions prior to 1.83.10-stable Description LiteLLM is a proxy server that functions as an AI Gateway for calling LLM APIs. The '/health/test connection' endpoint resolves request-supplied environment and OIDC file references within t...

2.1CVSS6.1AI score0.00278EPSS
Exploits0References9
OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-388 LiteLLM: Authentication Bypass via Host Header Injection

Impact A Host-header parsing flaw in the LiteLLM proxy could, under specific conditions, allow unauthenticated access to protected management routes. The auth layer derived the effective route from request.url.path in litellm/proxy/auth/authutils.py::getrequestroute, which Starlette reconstructs...

9.5CVSS5.8AI score0.00559EPSS
Exploits1References6
Rows per page
Query Builder