PT-2026-35643

Name of the Vulnerable Software and Affected Versions LiteLLM versions 1.81.16 through 1.83.6 Description An unauthenticated pre-auth SQL injection exists in the proxy API key verification process. The issue occurs because a database query mixes caller-supplied values directly into the query text...

SUSE CVE-2025-62155

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.9.6, a recently patched SSRF vulnerability contains a bypass method that can bypass the existing security fix and still allow SSRF to occur. Because the existing fix only applie...

CVE-2025-62155

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.9.6, a recently patched SSRF vulnerability contains a bypass method that can bypass the existing security fix and still allow SSRF to occur. Because the existing fix only applie...

ai.ancf.lmos-router:lmos-router-hybrid-spring-boot-starter (=0.28.0), ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (=0.28.0) +18121 more potentially affected by CVE-2025-41249 via org.springframework:spring-core (>=6.0.0 <=6.1.21)

org.springframework:spring-core MAVEN version =6.0.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.1.0, =0.12.1 - ai.djl.spring:djl-spring-boot-starter-autoconfigure =0.26 - ai.djl.spring:djl-spring-boot-starter-mxnet-auto =0.26 - ai.djl.spring:djl-spring-boot-starter-mxnet-linux-x8664 =0.2...