PT-2026-30278 · Litellm · Litellm

Highjaydns · Published 2026-04-03 · Updated 2026-05-07 · CVE-2026-35029

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: LiteLLM versions prior to 1.83.0

Description: LiteLLM is a proxy server for LLM APIs. The /config/update API endpoint did not enforce admin role authorization, allowing any authenticated user to modify proxy configuration and environment variables. This could lead to remote code execution by registering custom pass-through endpoint handlers pointing to attacker-controlled Python code, to reading arbitrary server files via the /get image endpoint by manipulating the UI LOGO PATH variable, and to takeover of privileged accounts by overwriting the UI USERNAME and UI PASSWORD environment variables. The endpoint now requires the proxy admin role.

Recommendations: Update to version 1.83.0 or later.
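The weakness class here is a handler that authenticates the caller but never checks the caller's role before a privileged write. The following is an added illustration of that pattern beside its hardened form, plus a small version-inventory check against the fixed release named above. It is not LiteLLM's code: ProxyState, AuthContext, UserRole, update_config_unchecked, update_config, require_proxy_admin and is_affected are hypothetical names, and the payload keys are constructed sample values.

```python
"""Added example: missing admin-role check on a config-update handler vs. the
hardened version, and an inventory check for versions below the fixed release.
Not LiteLLM's code; all names below are hypothetical."""
from dataclasses import dataclass, field
from enum import Enum


class UserRole(Enum):
    PROXY_ADMIN = "proxy_admin"
    INTERNAL_USER = "internal_user"


@dataclass
class AuthContext:
    """Result of authenticating the API key on a request (hypothetical shape)."""
    user_id: str
    role: UserRole


@dataclass
class ProxyState:
    """In-memory stand-in for the proxy's live config and environment-variable table."""
    config: dict = field(default_factory=dict)
    environment_variables: dict = field(default_factory=dict)
    audit_log: list = field(default_factory=list)


class Forbidden(Exception):
    """Raised when the caller lacks the role an operation requires."""


def update_config_unchecked(state: ProxyState, auth: AuthContext, payload: dict) -> ProxyState:
    """Vulnerable pattern: authentication succeeded, but no authorization check follows.
    Any valid key, whatever its role, can rewrite config and environment variables,
    which is the shape of the flaw the advisory describes."""
    state.config.update(payload.get("config", {}))
    state.environment_variables.update(payload.get("environment_variables", {}))
    return state


def require_proxy_admin(auth: AuthContext) -> None:
    """Authorization check the fixed handler applies before any write."""
    if auth.role is not UserRole.PROXY_ADMIN:
        raise Forbidden(
            f"user {auth.user_id!r} with role {auth.role.value!r} may not update proxy config"
        )


def update_config(state: ProxyState, auth: AuthContext, payload: dict) -> ProxyState:
    """Hardened pattern: role check first, then the same writes, then an audit record
    so that config and env-var changes are attributable during incident review."""
    require_proxy_admin(auth)
    cfg = payload.get("config", {})
    env = payload.get("environment_variables", {})
    state.config.update(cfg)
    state.environment_variables.update(env)
    state.audit_log.append({
        "actor": auth.user_id,
        "keys_changed": sorted(cfg) + sorted(env),
    })
    return state


def is_affected(version: str, fixed: str = "1.83.0") -> bool:
    """Inventory check: True when a version string is below the fixed release.
    Plain numeric comparison; pre-release or build tags are not handled."""
    def parse(v: str) -> tuple:
        return tuple(int(part) for part in v.split("."))
    return parse(version) < parse(fixed)


if __name__ == "__main__":
    # Constructed sample request: a non-admin key trying to overwrite an env var.
    payload = {"environment_variables": {"EXAMPLE_ADMIN_PASSWORD": "constructed-value"}}
    low_priv = AuthContext(user_id="user-1", role=UserRole.INTERNAL_USER)
    print("unchecked handler accepted write:",
          update_config_unchecked(ProxyState(), low_priv, payload).environment_variables)
    try:
        update_config(ProxyState(), low_priv, payload)
    except Forbidden as exc:
        print("hardened handler refused:", exc)
    print("1.82.9 affected:", is_affected("1.82.9"), "| 1.83.0 affected:", is_affected("1.83.0"))
```

The audit record in the hardened handler is the detection hook: a change to configuration or environment variables by any principal that is not a known administrator is the event worth alerting on, regardless of whether the authorization check itself is present.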

Fix

RCE

Incorrect Authorization

Weakness Enumeration

Related Identifiers

CVE-2026-35029
ECHO-F909-9693-1F3F
GHSA-53MR-6C8Q-9789

Affected Products

Litellm