PT-2026-56543 · Berriai · Litellm
Published
2026-07-08
·
Updated
2026-07-08
·
CVE-2026-59820
CVSS v4.0
6.1
Medium
| Vector | AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
LiteLLM versions prior to 1.83.7-stable
Description
LiteLLM, a proxy server used to call LLM APIs, contains a flaw in its Skills archive extraction process. An authenticated user with access to the LLM API routes or a key permitted to use
/v1/skills, anthropic routes, or llm api routes can upload a specially crafted ZIP archive. This archive can contain path traversal entries, which allow files to be written outside the intended extraction or staging directory. Path traversal is a technique used to access files and directories that are stored outside the web root folder. This issue has been exploited in real-world incidents.Recommendations
Update to version 1.83.7-stable.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Litellm