2 matches found
CVE-2026-59820
A flaw was found in LiteLLM, a proxy server for Large Language Model LLM APIs. An authenticated user, with specific API route access, could upload a specially crafted skill archive. This archive, containing path traversal entries, would allow files to be written outside of the designated extracti...
Incorrect Permission Assignment for Critical Resource
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in the generatekeyfn function, which allows a user with the Internal role to change the keys of another user whose...