11 matches found
EUVD-2026-21376
LiteLLM has a sandbox escape in custom-code guardrail...
CVE-2026-40217
A flaw was found in LiteLLM. A remote attacker can exploit this flaw by performing bytecode rewriting at the /guardrails/test_custom_code URI. This could lead to arbitrary code execution, allowing the attacker to run malicious code on the affected system. Mitigation: Mitigation for this issue is...
GHSA-3926-2JVF-FG29 Duplicate Advisory: LiteLLM has a sandbox escape in custom-code guardrail
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-wxxx-gvqv-xp7p. This link is maintained to preserve external references. Original Description: LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the...
Duplicate Advisory: LiteLLM has a sandbox escape in custom-code guardrail
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-wxxx-gvqv-xp7p. This link is maintained to preserve external references. Original Description: LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the...
CVE-2026-40217
LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom_code URI...
CVE-2026-40217
LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom_code URI...
CVE-2026-40217
LiteLLM (through 2026-04-08) is vulnerable to remote code execution via bytecode rewriting at /guardrails/test_custom_code. The CVSSv3.1 vector yields a high severity (8.8) with NETWORK attack, LOW privileges, no user interaction required. Affected component is unspecified beyond the URL vector; ...
Arbitrary Code Injection
Overview: litellm is a library to easily interface with LLM API providers. Affected versions of this package are vulnerable to Arbitrary Code Injection in the /guardrails/test_custom_code endpoint through bytecode rewriting. An attacker can execute arbitrary code by sending specially crafted requests...
CVE-2026-40217
LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom_code URI...
PT-2026-31920
Name of the Vulnerable Software and Affected Versions: LiteLLM versions through 2026-04-08. Description: LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom_code URI. Recommendations: Update LiteLLM to a version later than...
LiteLLM Security Vulnerability
LiteLLM is an open-source application developed by Berri AI. It allows for the invocation of all LLM APIs in the OpenAI format. Versions of LiteLLM dated before April 8, 2026, contain a security vulnerability. This vulnerability stems from the /guardrails/test_custom_code URI, which allows arbitrar...