Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:29 a.m.5 views

CVE-2026-12773

A flaw was found in BerriAI litellm, within its MCP Proxy component. A remote attacker could exploit an improper authentication vulnerability in the UserAPIKeyAuth function. This could allow unauthorized access, potentially compromising the confidentiality, integrity, and availability of data...

9.8CVSS5.8AI score0.00612EPSS
Exploits1References8
NVD
NVD
added 2026/06/21 4:16 a.m.15 views

CVE-2026-12773

A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function UserAPIKeyAuth of the file litellm/proxy/experimental/mcpserver/auth/userapikeyauthmcp.py of the component MCP Proxy. Executing a manipulation can lead to improper authentication. The attack may be launched...

9.8CVSS0.00612EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/06/21 1:0 a.m.34 views

CVE-2026-12771 BerriAI litellm M2M JWT user_api_key_auth.py improper authorization

A vulnerability was identified in BerriAI litellm up to 1.82.2. This affects an unknown function of the file litellm/proxy/auth/userapikeyauth.py of the component M2M JWT Handler. Such manipulation leads to improper authorization. The attack can be launched remotely. A high complexity level is...

5CVSS0.00288EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/21 1:0 a.m.10 views

EUVD-2026-38137

A vulnerability was identified in BerriAI litellm up to 1.82.2. This affects an unknown function of the file litellm/proxy/auth/userapikeyauth.py of the component M2M JWT Handler. Such manipulation leads to improper authorization. The attack can be launched remotely. A high complexity level is...

5CVSS5.3AI score0.00288EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.13 views

PT-2026-51197

Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.59.9 Description An improper authentication flaw exists in the MCP Proxy component. Specifically, the UserAPIKeyAuth function within the file litellm/proxy/ experimental/mcp server/auth/user api key auth...

9.8CVSS7.2AI score0.00612EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.13.1 : curl (EulerOS-SA-2026-2122)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl,changing TLS options in one thread would inadvertently change th...

6.3CVSS7.5AI score0.00611EPSS
Exploits3References5
OSV
OSV
added 2026/02/21 8:48 a.m.8 views

CLSA-2026-1771663697 curl: Fix of 2 CVEs

CVE-2025-14524: fix OAuth2 bearer token leak on cross-protocol redirect - CVE-2025-15224: fix libssh public-key auth fallback to SSH agent...

5.3CVSS6.4AI score0.00611EPSS
Exploits2References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.3 views

SUSE CVE-2005-3119

Memory leak in the requestkeyauthdestroy function in requestkeyauth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service memory consumption via a large number of authorization token keys...

2.1CVSS6.4AI score0.0039EPSS
Exploits0References3
Hacker One
Hacker One
added 2014/10/27 3:37 p.m.18 views

WP API: MD5 used for Key-Auth signatures

https://github.com/WP-API/Key-Auth/blob/f9b74b3e4df667cfb44baba556eafde65fa3aec9/key-auth.phpL65 MD5 is vulnerable to length-extension attacks. Maybe consider changing this to hashhmac'sha256', jsonencode$args, $secret?...

0.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2005/10/27 3:9 p.m.8 views

security flaw

Memory leak in the requestkeyauthdestroy function in requestkeyauth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service memory consumption via a large number of authorization token keys...

2.1CVSS5.7AI score0.0039EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2005/10/11 12:0 a.m.5 views

PT-2005-3947 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.10 through 2.6.13 Description: The issue is related to a memory leak in the request key auth destroy function within the request key auth component of the Linux kernel. This leak allows local users to cause a denial ...

5CVSS4.1AI score0.03542EPSS
Exploits1References181
Rows per page
Query Builder