Lucene search
K

56 matches found

Chainguard
Chainguard
added 2026/06/23 8:16 a.m.6 views

GHSA-4XGF-CPJX-PC3J vulnerabilities

Vulnerabilities for packages: prefect, prefect-fips, semgrep, litellm, vllm-cuda-13.2, airflow, tritonserver-backend-vllm-cuda-12.9, mcp-atlassian, airflow-postgres-fips, azureml-inference-server-http-fips, lmcache-cuda-12.8, airflow-core, open-webui, azureml-inference-server-http,...

5.9AI score
Exploits0
CVE
CVE
added 2026/06/21 3:45 a.m.33 views

CVE-2026-12774

CVE-2026-12774 affects BerriAI litellm up to 1.82.2. The vulnerability targets the function _execute_with_mcp_client in litellm/proxy/_experimental/mcp_server/rest_endpoints.py (MCP Server Connection Testing). It enables server‑side request forgery through manipulation of this component, with rem...

6.5CVSS6AI score0.00262EPSS
Exploits1References5Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2026/06/08 12:0 a.m.36 views

VulnCheck KEV: CVE-2026-42271

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration i...

8.8CVSS5.6AI score0.80188EPSS
In wildExploits1References2
vulnersOsv
vulnersOsv
added 2026/05/21 11:46 p.m.4 views

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +802 more potentially affected by CVE-2026-47102 via litellm (>=1.0.0 <=1.83.1)

litellm PYPI version =1.0.0, =0.0.1, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-47102 Source advisory: SNYK:PYTHON-LITELLM-16795354...

8.8CVSS7.5AI score0.00653EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/05/21 11:46 p.m.6 views

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +810 more potentially affected by CVE-2026-47101 via litellm (>=1.0.0 <=1.83.13)

litellm PYPI version =1.0.0, =0.0.1, =0.0.14, =0.0.14, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-47101 Source advisory: SNYK:PYTHON-LITELLM-16795355...

8.8CVSS7.5AI score0.00739EPSS
Exploits3
NVD
NVD
added 2026/05/21 9:16 p.m.13 views

CVE-2026-47102

LiteLLM prior to 1.83.10 allows a user to modify their own userrole via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxyadmin...

8.8CVSS0.00653EPSS
Exploits2References11
GithubExploit
GithubExploit
added 2026/05/10 2:7 a.m.155 views

Exploit for SQL Injection in Litellm

Threat Intelligence Brief - CVE-2026-42208: BerriAI LiteLLM SQ...

9.8CVSS6.1AI score0.86607EPSS
Exploits7
Chainguard
Chainguard
added 2026/05/06 7:17 p.m.13 views

CVE-2026-41168 vulnerabilities

Vulnerabilities for packages: open-webui, nemo, litellm...

6.9CVSS5.9AI score0.00297EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/24 4:17 p.m.5 views

0xpwn (=0.1.1), a2a-acl (>=0.0.14 <=0.0.15) +265 more potentially affected by CVE-2026-42208 via litellm (>=1.81.16 <=1.83.4)

litellm PYPI version =1.81.16, =0.0.14, =0.0.14, =0.0.1a0, =0.6.0, =0.7.3, =0.1.46, =0.25.4a2, =0.1.0, =0.1.0, =0.1.0, =0.1.14.13, =0.0.0.post0, =2.4.65 and more Source cves: CVE-2026-42208 Source advisory: OSV:GHSA-R75F-5X8P-QVMC...

9.8CVSS6.1AI score0.86607EPSS
Exploits7
vulnersOsv
vulnersOsv
added 2026/04/24 4:17 p.m.7 views

0xpwn (=0.1.1), a2a-acl (>=0.0.14 <=0.0.15) +265 more potentially affected by CVE-2026-42208 via litellm (>=1.81.16 <=1.83.4)

litellm PYPI version =1.81.16, =0.0.14, =0.0.14, =0.0.1a0, =0.6.0, =0.7.3, =0.1.46, =0.25.4a2, =0.1.0, =0.1.0, =0.1.0, =0.1.14.13, =0.0.0.post0, =2.4.65 and more Source cves: CVE-2026-42208 Source advisory: SNYK:PYTHON-LITELLM-16300164...

9.8CVSS6.1AI score0.86607EPSS
Exploits7
vulnersOsv
vulnersOsv
added 2026/04/24 4:2 p.m.5 views

0xpwn (=0.1.1), a2a-acl (>=0.0.14 <=0.0.15) +280 more potentially affected by CVE-2026-42203 via litellm (>=1.80.5 <=1.83.4)

litellm PYPI version =1.80.5, =0.0.14, =0.0.14, =0.0.1a0, =0.6.0, =0.7.3, =0.1.46, =0.25.4a2, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.1.14.13, =0.1.17.0 and more Source cves: CVE-2026-42203 Source advisory: OSV:GHSA-XQMJ-J6MV-4862...

8.8CVSS5.7AI score0.00373EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/20 10:0 p.m.8 views

01os (=0.0.14), 0xpwn (=0.1.1) +627 more potentially affected by CVE-2026-42271 via litellm (>=1.74.3 <=1.83.4)

litellm PYPI version =1.74.3, =0.0.14, =0.0.14, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.1.39, =0.2.1, =0.2.1.10062025 - agent-memory-server =0.15.0 - agent-opt =0.0.1 - agent-quality-inspect =2.0.0a1 and more Source cves: CVE-2026-42271 Source advisory: SNYK:PYTHON-LITELLM-16119122...

8.8CVSS6AI score0.80188EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/10 1:43 p.m.7 views

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +826 more potentially affected by CVE-2026-40217 via litellm (>=1.0.0 <=1.83.8)

litellm PYPI version =1.0.0, =0.0.1, =0.0.14, =0.0.14, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-40217 Source advisory: SNYK:PYTHON-LITELLM-16049285...

8.8CVSS6AI score0.06496EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/04/03 9:59 p.m.5 views

0xpwn (=0.1.1), a2a-acl (=0.0.14) +163 more potentially affected by CVE-2026-35030 via litellm (>=1.80.9 <=1.82.6)

litellm PYPI version =1.80.9, =0.0.1a0, =0.7.3, =0.1.46, =0.0.1, =0.1.14.13, =0.5.2, =0.1.0, =0.10.0, =2.0.0, =2.0.0, =2.0.3 - browser-use =0.12.4 and more Source cves: CVE-2026-35030 Source advisory: SNYK:PYTHON-LITELLM-15907831...

9.4CVSS5.7AI score0.0049EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/03 9:59 p.m.7 views

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +736 more potentially affected by CVE-2026-35029 via litellm (>=1.0.0 <=1.82.6)

litellm PYPI version =1.0.0, =0.0.1, =0.0.1a0, =0.3.5, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 - agent-opt =0.0.1 and more Source cves: CVE-2026-35029 Source advisory: SNYK:PYTHON-LITELLM-15907616...

8.8CVSS5.7AI score0.26409EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/04/01 6:33 a.m.6 views

01os (>=0.0.1 <=0.0.14), a2a-acl (=0.0.14) +650 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.82.3)

litellm PYPI version =1.0.0, =0.0.1, =0.0.1a0, =0.3.5, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.1.0, =0.14.1a0, =0.64.1 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-15870298...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/01 6:34 a.m.4 views

01os (>=0.0.1 <=0.0.14), aaf (>=0.3.5 <=0.3.9) +598 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.80.11)

litellm PYPI version =1.0.0, =0.0.1, =0.3.5, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.1.0, =0.14.1a0, =0.4.1, =0.1.0, =0.4.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-15170825...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/01 6:37 a.m.6 views

01os (>=0.0.1 <=0.0.14), advanced-research (>=0.1.0 <=0.2.2) +421 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.77.5)

litellm PYPI version =1.0.0, =0.0.1, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.14.1a0, =0.1.0, =0.0.5, =0.3.1, =1.1.2, =1.4.3, =0.0.1, =0.1.0, =0.7.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-13803705...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/01 6:36 a.m.5 views

01os (>=0.0.1 <=0.0.14), advanced-research (>=0.1.0 <=0.2.2) +421 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.77.5)

litellm PYPI version =1.0.0, =0.0.1, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.14.1a0, =0.1.0, =0.0.5, =0.3.1, =1.1.2, =1.4.3, =0.0.1, =0.1.0, =0.7.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-13803635...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.15 views

LiteLLM 信息泄露漏洞

LiteLLM is an open source application from Berri AI. All LLM APIs can be called using the OpenAI format. LiteLLM suffers from an information disclosure vulnerability that stems from exposing sensitive information when handling the health endpoint APIKEY parameter, which could lead to credential...

3.5CVSS4.3AI score0.00418EPSS
Exploits1References2
Rows per page
Query Builder