PT-2026-53474 · Pypi · Litellm
Published
2026-06-29
·
Updated
2026-06-29
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the
add deployment function, which decodes and decrypts environment variables from base64 and assigns them to os.environ. An attacker can exploit this by sending a malicious payload to the /config/update endpoint, which is then processed and executed by the server when the get secret function is triggered. This requires the server to use Google KMS and a database to store a model.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Litellm