PT-2026-51182 · Berriai · Litellm
Eric-C · Published 2026-06-21 · Updated 2026-06-21 · CVE-2026-12770
| CVSS v2.0 | 5.5 Medium |
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
litellm versions prior to 1.63.2
Description
An improper authorization issue exists in the Admin Key Handler component within the file litellm/proxy/management_endpoints/key_management_endpoints.py. This flaw allows a remote attacker to bypass authorization requirements through an unknown function.
Recommendations
Apply patch 23781 to resolve the issue.
Exploit
Fix
Improper Authorization
Incorrect Privilege Assignment
Related Identifiers
Affected Products
Litellm