Lucene search
+L

Incorrect Authorization

🗓️ 21 Jun 2026 03:06:00Reported by Snyk Security DatabaseType 
snyk
 snyk
🔗 security.snyk.io👁 10 Views

Incorrect authorization in litellm's M2M JWT Handler allows unauthorized access with crafted JSON Web Tokens.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-12771
21 Jun 202601:00
attackerkb
Circl
CVE-2026-12771
21 Jun 202603:54
circl
CVE
CVE-2026-12771
21 Jun 202601:00
cve
Cvelist
CVE-2026-12771 BerriAI litellm M2M JWT user_api_key_auth.py improper authorization
21 Jun 202601:00
cvelist
EUVD
EUVD-2026-38137
21 Jun 202601:00
euvd
NVD
CVE-2026-12771
21 Jun 202602:16
nvd
OSV
CVE-2026-12771 BerriAI litellm M2M JWT user_api_key_auth.py improper authorization
21 Jun 202601:00
osv
OSV
MINI-GQ2Q-42X3-P5MW
12 Jul 202619:27
osv
OSV
MINI-VCCG-WW56-H79G
12 Jul 202619:26
osv
Positive Technologies
PT-2026-51186
21 Jun 202600:00
ptsecurity
Rows per page
Vulners
Node
litellmlitellmRange<1.89.0rc1

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

21 Jun 2026 13:29Current
6Medium risk
Vulners AI Score6
CVSS 42.3
CVSS 3.15 - 7.5
CVSS 24.6
CVSS 35
EPSS0.00288
SSVC
10