
litellm

20 known vulnerabilities across versions
Each entry gives the affected version range as published for the CVE, a one-line summary, and the CVSS base score with its severity band. Note that the range and the summary do not always agree: several entries are marked "all versions" while the summary names a specific release, so confirm against the full advisory before deciding a build is out of scope.
CVE-2026-42271 (affected: >= 1.74.2 and < 1.83.7; CVSS 8.8 HIGH)
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.74.2 to before version 1.83.7

CVE-2026-42208 (affected: >= 1.81.16 and < 1.83.7; CVSS 9.8 CRITICAL)
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.81.16 to before version 1.83.

CVE-2026-42203 (affected: >= 1.80.5 and < 1.83.7; CVSS 8.8 HIGH)
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.80.5 to before version 1.83.7

CVE-2026-40217 (affected: <= 2026-04-08, a commit date rather than a release; CVSS 8.8 HIGH)
LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom

CVE-2026-35030 (affected: < 1.83.0; CVSS 9.1 CRITICAL)
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authentication is

CVE-2026-35029 (affected: < 1.83.0; CVSS 8.8 HIGH)
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/update endpoint

CVE-2026-33634 (affected: all versions; CVSS 8.8 HIGH)
Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 r

CVE-2025-45809 (affected: all versions; CVSS 5.4 MEDIUM)
SQL Injection vulnerability in BerriAI LiteLLM before 1.81.0 allows attackers to execute arbitrary commands via the key parameter

CVE-2025-0330 (affected: all versions; CVSS 7.5 HIGH)
In berriai/litellm version v1.52.1, an issue in proxy_server.py causes the leakage of Langfuse API keys when an error occurs while

CVE-2024-9606 (affected: < 1.44.12; CVSS 7.5 HIGH)
In berriai/litellm before version 1.44.12, the litellm/litellm_core_utils/litellm_logging.py file contains a vulnerability where

CVE-2024-8984 (affected: < 1.65.4; CVSS 7.5 HIGH)
A Denial of Service (DoS) vulnerability exists in berriai/litellm version v1.44.5. This vulnerability can be exploited by appendin

CVE-2024-6825 (affected: < 1.65.4; CVSS 8.8 HIGH)
BerriAI/litellm version 1.40.12 contains a vulnerability that allows remote code execution. The issue exists in the handling of th

CVE-2024-6587 (affected: all versions; CVSS 7.5 HIGH)
A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to s

CVE-2024-5751 (affected: all versions; CVSS 9.8 CRITICAL)
BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability ex

CVE-2024-5710 (affected: all versions; CVSS 6.5 MEDIUM)
berriai/litellm version 1.34.34 is vulnerable to improper access control in its team management functionality. This vulnerability

CVE-2024-5225 (affected: <= 1.40.2; CVSS 7.2 HIGH)
An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the /global/spend/logs endpoint. Th

CVE-2024-4890 (affected: all versions; CVSS 4.9 MEDIUM)
A blind SQL injection vulnerability exists in the berriai/litellm application, specifically within the '/team/update' process. The

CVE-2024-4888 (affected: < 1.35.19; CVSS 8.1 HIGH)
BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the `/audio

CVE-2024-4889 (affected: < 1.44.16; CVSS 7.2 HIGH)
A code injection vulnerability exists in the berriai/litellm application, version 1.34.6, due to the use of unvalidated input in t

CVE-2024-2952 (affected: < 1.34.42; CVSS 9.8 CRITICAL)
BerriAI/litellm is vulnerable to Server-Side Template Injection (SSTI) via the /completions endpoint. The vulnerability arises f
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin