PT-2026-51198 · Berriai · Litellm

Eric-C · Published 2026-06-21 · Updated 2026-06-21 · CVE-2026-12774

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

BerriAI litellm versions prior to 1.82.3

Description

An issue in the MCP Server Connection Testing component allows server-side request forgery (SSRF), a flaw that lets an attacker induce the server-side application to make requests to an unintended location. The flaw is in the `_execute_with_mcp_client()` function in the file `litellm/proxy/_experimental/mcp_server/rest_endpoints.py`. Remote exploitation of this flaw is possible.

Recommendations

Update to version 1.82.3 or later. As a temporary workaround, restrict access to the `_execute_with_mcp_client()` function until the update is applied.
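
For defenders reviewing similar connection-test endpoints, the following added example (not litellm's code and not the 1.82.3 fix) shows a destination check run before the server makes an outbound request. It assumes the connection test receives a caller-supplied server URL; `check_mcp_test_url`, the injectable `resolve` parameter and the sample hostnames are hypothetical.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

def _resolve(host, port):
    """Default resolver: every address the OS returns for host."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def _is_public(addr):
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 zone id
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # judge ::ffff:a.b.c.d by its IPv4 address
    return ip.is_global      # False for loopback, private, link-local, etc.

def check_mcp_test_url(url, resolve=_resolve):
    """Return the vetted IP list for url, or raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname or parts.username or parts.password:
        raise ValueError("URL must have a host and no embedded credentials")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    addrs = resolve(parts.hostname, port)
    if not addrs:
        raise ValueError("host does not resolve")
    blocked = [a for a in addrs if not _is_public(a)]
    if blocked:
        # One internal address is enough to reject: the client might pick it.
        raise ValueError(f"resolves to non-public address(es): {blocked}")
    # Connect to one of these IPs rather than resolving the name a second
    # time, so the answer cannot change between the check and the request.
    return addrs

if __name__ == "__main__":
    # Constructed DNS answers so the demo runs offline.
    table = {"mcp.example.com": ["93.184.216.34"],
             "meta.example.com": ["169.254.169.254"]}
    lookup = lambda host, port: table.get(host, [])
    for candidate in ("https://mcp.example.com/mcp",
                      "http://meta.example.com/latest"):
        try:
            print(candidate, "->", check_mcp_test_url(candidate, resolve=lookup))
        except ValueError as exc:
            print(candidate, "-> rejected:", exc)
```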

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2026-12774

Affected Products

Litellm