Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:29 a.m.5 views

CVE-2026-12773

A flaw was found in BerriAI litellm, within its MCP Proxy component. A remote attacker could exploit an improper authentication vulnerability in the UserAPIKeyAuth function. This could allow unauthorized access, potentially compromising the confidentiality, integrity, and availability of data...

9.8CVSS5.8AI score0.00612EPSS
Exploits1References8
NVD
NVD
added 2026/06/21 4:16 a.m.15 views

CVE-2026-12773

A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function UserAPIKeyAuth of the file litellm/proxy/experimental/mcpserver/auth/userapikeyauthmcp.py of the component MCP Proxy. Executing a manipulation can lead to improper authentication. The attack may be launched...

9.8CVSS0.00612EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/06/21 3:15 a.m.7 views

CVE-2026-12773 BerriAI litellm MCP Proxy user_api_key_auth_mcp.py UserAPIKeyAuth improper authentication

A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function UserAPIKeyAuth of the file litellm/proxy/experimental/mcpserver/auth/userapikeyauthmcp.py of the component MCP Proxy. Executing a manipulation can lead to improper authentication. The attack may be launched...

7.5CVSS6.7AI score0.00612EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/21 3:15 a.m.8 views

CVE-2026-12773

A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function UserAPIKeyAuth of the file litellm/proxy/experimental/mcpserver/auth/userapikeyauthmcp.py of the component MCP Proxy. Executing a manipulation can lead to improper authentication. The attack may be launched...

7.5CVSS6.7AI score0.00612EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/06/21 3:15 a.m.80 views

CVE-2026-12773

Affected software: litellm MCP Proxy (BerriAI) up to version 1.59.8. The vulnerability lies in UserAPIKeyAuth in litellm/proxy/_experimental/mcp_server/auth/user_api_key_auth_mcp.py, where authentication can be bypassed if an invalid token triggers a swallowed 401/403 exception, allowing unauthen...

9.8CVSS6.7AI score0.00612EPSS
Exploits1References8Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/27 12:28 a.m.8 views

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +95 more potentially affected by CVE-2026-44646 via liquidjs (>=10.10.0 <=10.25.7)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0, =1.0.0-beta.5 - @clairview/api =23.1.0 and more Source cves: CVE-2026-44646 Source advisory: OSV:GHSA-9X9P-QF8F-MVJG...

5.3CVSS5.7AI score0.00271EPSS
Exploits0
OSV
OSV
added 2026/04/14 9:19 p.m.8 views

MAL-2026-2669 Malicious code in ant-mcp-proxy-for-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 51df3beb4457da4a841727c91a2517ba5727c841c08f9d43cf2b25be9e476564 During use of the package, it silently downloads and executes remote executables or scripts. During analysis, the remote resources were no longer available. Th...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/14 9:19 p.m.10 views

Malicious code in ant-mcp-proxy-for-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 51df3beb4457da4a841727c91a2517ba5727c841c08f9d43cf2b25be9e476564 During use of the package, it silently downloads and executes remote executables or scripts. During analysis, the remote resources were no longer available. Th...

5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

runZero Platform 安全漏洞

RunZero Platform is an asset discovery and attack surface management platform developed by the US company RunZero. Versions of RunZero Platform prior to 4.0.260202.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could lead to unauthorized acce...

5.8CVSS5.8AI score0.00208EPSS
Exploits0References2
Rows per page
Query Builder