CVE-2026-12797 BerriAI litellm Completions banned_keywords.py async_pre_call_hook authorization
A security flaw has been discovered in BerriAI litellm up to 1.82.5. Affected is the function asyncprecallhook of the file enterprise/enterprisehooks/bannedkeywords.py of the component Completions Interface. The manipulation of the argument prompt results in incorrect authorization. The attack ma...