CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

56 matches found

VulnCheck KEV: CVE-2026-42271

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration i...

8.8CVSS5.6AI score0.60784EPSS

In wildExploits1References2

vulnersOsv•added 2026/05/21 11:46 p.m.•2 views

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +806 more potentially affected by CVE-2026-47102 via litellm (>=1.0.0 <=1.83.1)

litellm PYPI version =1.0.0, =0.0.1, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-47102 Source advisory: SNYK:PYTHON-LITELLM-16795354...

8.8CVSS5.4AI score0.0006EPSS

Exploits2

vulnersOsv•added 2026/05/21 11:46 p.m.•2 views

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +816 more potentially affected by CVE-2026-47101 via litellm (>=1.0.0 <=1.83.13)

litellm PYPI version =1.0.0, =0.0.1, =0.0.14, =0.0.14, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-47101 Source advisory: SNYK:PYTHON-LITELLM-16795355...

8.8CVSS5.4AI score0.00051EPSS

Exploits3

NVD•added 2026/05/21 9:16 p.m.•6 views

CVE-2026-47102

LiteLLM prior to 1.83.10 allows a user to modify their own userrole via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxyadmin...

8.8CVSS0.0006EPSS

Exploits2References7

GithubExploit•added 2026/05/10 2:7 a.m.•125 views

Exploit for SQL Injection in Litellm

Threat Intelligence Brief - CVE-2026-42208: BerriAI LiteLLM SQ...

9.8CVSS6.1AI score0.6259EPSS

Exploits5

Chainguard•added 2026/05/06 7:17 p.m.•10 views

CVE-2026-41168 vulnerabilities

Vulnerabilities for packages: nemo, litellm, open-webui...

6.9CVSS5.4AI score0.00052EPSS

Exploits0

vulnersOsv•added 2026/04/24 4:17 p.m.•4 views

0xpwn (=0.1.1), a2a-acl (>=0.0.14 <=0.0.15) +285 more potentially affected by CVE-2026-42208 via litellm (>=1.81.16 <=1.83.4)

litellm PYPI version =1.81.16, =0.0.14, =0.0.14, =0.0.1a0, =0.6.0, =0.7.3, =0.1.46, =0.25.4a2, =0.5.2, =0.1.0, =0.1.0, =0.1.0, =0.2.4, =0.2.15 and more Source cves: CVE-2026-42208 Source advisory: SNYK:PYTHON-LITELLM-16300164...

9.8CVSS5.9AI score0.6259EPSS

Exploits5

vulnersOsv•added 2026/04/24 4:17 p.m.•3 views

0xpwn (=0.1.1), a2a-acl (>=0.0.14 <=0.0.15) +285 more potentially affected by CVE-2026-42208 via litellm (>=1.81.16 <=1.83.4)

9.8CVSS5.9AI score0.6259EPSS

Exploits5

vulnersOsv•added 2026/04/24 4:2 p.m.•3 views

0xpwn (=0.1.1), a2a-acl (>=0.0.14 <=0.0.15) +300 more potentially affected by CVE-2026-42203 via litellm (>=1.80.5 <=1.83.4)

litellm PYPI version =1.80.5, =0.0.14, =0.0.14, =0.0.1a0, =0.6.0, =0.7.3, =0.1.46, =0.25.4a2, =0.5.2, =0.1.0, =0.1.0, =0.1.0, =0.2.4, =0.2.15 and more Source cves: CVE-2026-42203 Source advisory: OSV:GHSA-XQMJ-J6MV-4862...

8.8CVSS5.4AI score0.00067EPSS

Exploits1

vulnersOsv•added 2026/04/20 10:0 p.m.•3 views

01os (=0.0.14), 0xpwn (=0.1.1) +647 more potentially affected by CVE-2026-42271 via litellm (>=1.74.3 <=1.83.4)

litellm PYPI version =1.74.3, =0.0.14, =0.0.14, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.1.39, =0.2.1, =0.2.1.10062025 - agent-memory-server =0.15.0 - agent-opt =0.0.1 - agent-quality-inspect =2.0.0a1 and more Source cves: CVE-2026-42271 Source advisory: SNYK:PYTHON-LITELLM-16119122...

8.8CVSS5.8AI score0.60784EPSS

Exploits1

vulnersOsv•added 2026/04/10 1:43 p.m.•5 views

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +846 more potentially affected by CVE-2026-40217 via litellm (>=1.0.0 <=1.83.8)

litellm PYPI version =1.0.0, =0.0.1, =0.0.14, =0.0.14, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-40217 Source advisory: SNYK:PYTHON-LITELLM-16049285...

8.8CVSS5.4AI score0.00098EPSS

Exploits2

vulnersOsv•added 2026/04/03 9:59 p.m.•2 views

0xpwn (=0.1.1), a2a-acl (=0.0.14) +160 more potentially affected by CVE-2026-35030 via litellm (>=1.80.9 <=1.82.6)

litellm PYPI version =1.80.9, =0.0.1a0, =0.7.3, =0.1.46, =0.0.1, =0.1.14.13, =0.5.2, =0.1.0, =0.10.0, =2.0.0, =2.0.0, =2.0.1 - browser-use =0.12.4 and more Source cves: CVE-2026-35030 Source advisory: SNYK:PYTHON-LITELLM-15907831...

9.4CVSS5.4AI score0.00048EPSS

Exploits1

vulnersOsv•added 2026/04/03 9:59 p.m.•3 views

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +734 more potentially affected by CVE-2026-35029 via litellm (>=1.0.0 <=1.82.6)

litellm PYPI version =1.0.0, =0.0.1, =0.0.1a0, =0.3.5, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 - agent-opt =0.0.1 and more Source cves: CVE-2026-35029 Source advisory: SNYK:PYTHON-LITELLM-15907616...

8.8CVSS5.4AI score0.1938EPSS

Exploits2

vulnersOsv•added 2026/04/01 6:33 a.m.•2 views

01os (>=0.0.1 <=0.0.14), a2a-acl (=0.0.14) +647 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.82.3)

litellm PYPI version =1.0.0, =0.0.1, =0.0.1a0, =0.3.5, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.1.0, =0.14.1a0, =0.64.1 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-15870298...

5.5AI score

Exploits0

vulnersOsv•added 2026/03/23 10:0 p.m.•2 views

01os (>=0.0.1 <=0.0.14), 0xpwn (>=0.1.0 <=0.1.1) +3086 more potentially affected by unknown CVE via litellm (>=0.11.1 <=1.88.0.dev1)

litellm PYPI version =0.11.1, =0.0.1, =0.1.0, =0.1.0, =0.3.0, =0.0.13, =0.0.13, =0.1.3, =0.0.4, =0.1.0, =0.0.1a0, =0.3.5, =0.1.1.dev1, =0.2.2, =0.2.1, =0.2.0, =0.6.1 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-15762713...

5.5AI score

Exploits0

vulnersOsv•added 2026/02/01 6:34 a.m.•0 views

01os (>=0.0.1 <=0.0.14), aaf (>=0.3.5 <=0.3.9) +597 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.80.11)

litellm PYPI version =1.0.0, =0.0.1, =0.3.5, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.1.0, =0.14.1a0, =0.4.1, =0.1.0, =0.4.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-15170825...

5.5AI score

Exploits0

vulnersOsv•added 2025/11/01 6:37 a.m.•1 views

01os (>=0.0.1 <=0.0.14), advanced-research (>=0.1.0 <=0.2.2) +422 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.77.5)

litellm PYPI version =1.0.0, =0.0.1, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.14.1a0, =0.1.0, =0.0.5, =0.3.1, =1.1.2, =1.4.3, =0.0.1, =0.1.0, =0.7.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-13803705...

5.5AI score

Exploits0

vulnersOsv•added 2025/11/01 6:36 a.m.•2 views

01os (>=0.0.1 <=0.0.14), advanced-research (>=0.1.0 <=0.2.2) +422 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.77.5)

5.5AI score

Exploits0

CNNVD•added 2025/10/29 12:0 a.m.•1 views

LiteLLM 信息泄露漏洞

LiteLLM is an open source application from Berri AI. All LLM APIs can be called using the OpenAI format. LiteLLM suffers from an information disclosure vulnerability that stems from exposing sensitive information when handling the health endpoint APIKEY parameter, which could lead to credential...

3.5CVSS4.3AI score0.00101EPSS

Exploits1References2