CVE-2026-35030
JWT Cache Key Collision in LiteLLM Enables Unauthorized Access
Publication date: 2026-04-06
Last updated on: 2026-04-07
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| litellm | litellm | < 1.83.0 (1.83.0 itself not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows an unauthenticated attacker to impersonate legitimate users by bypassing authentication, thereby gaining access to sensitive information and permissions. Such unauthorized access and potential data exposure can lead to violations of data protection regulations like GDPR and HIPAA, which require strict controls on user authentication and data confidentiality.
Because the vulnerability results in high confidentiality and integrity loss, organizations using affected versions of LiteLLM with JWT/OIDC authentication enabled may fail to meet compliance requirements related to protecting personal and sensitive data.
Can you explain this vulnerability to me?
CVE-2026-35030 is a critical authentication bypass in the Python package litellm, affecting versions prior to 1.83.0 when JWT authentication is enabled.
The issue arises because the OIDC userinfo cache uses only the first 20 characters of the presented JWT as the cache key. Those 20 characters fall entirely inside the base64url-encoded JOSE header, and every token whose header is the same JSON (for example {"alg":"RS256","typ":"JWT"}) encodes to the same prefix, so every token issued with the same signing algorithm shares them. An attacker can therefore present a token, validly signed or not, whose prefix collides with a legitimate user's cache entry.
The cache hit hands the attacker that user's cached identity, bypassing authentication: the attacker inherits the legitimate user's identity and permissions without holding any privileges and without user interaction.
The vulnerability affects deployments with JWT/OIDC authentication enabled and userinfo caching active. It was fixed in litellm 1.83.0 by keying the cache on a hash of the entire token instead of a 20-character prefix.
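The collision, as an added example that is not litellm's code: a toy HS256 signer (standard library only, so it runs offline; with RS256 the header encodes to "eyJhbGciOiJSUzI1NiIs..." and the same prefix-collision applies), a userinfo lookup modelled on the flow described above in which a cache hit is trusted as the caller's identity, and the two cache-key strategies side by side. The prefix length of 20 comes from the advisory; the key name, secrets and claims are constructed.

```python
import base64
import hashlib
import hmac
import json
from typing import Callable, Optional

# Added example, not litellm's code. The truncated key reproduces the pattern
# the advisory describes; the hashed key reimplements the described fix.
PREFIX_LEN = 20


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def make_token(payload: dict, key: bytes) -> str:
    """Mint a compact JWS (HS256) over payload; header is always {"alg":"HS256","typ":"JWT"}."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode()) for part in (header, payload)
    )
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify(token: str, key: bytes) -> bool:
    """Constant-time HS256 signature check; False on malformed input."""
    try:
        signing_input, sig = token.rsplit(".", 1)
    except ValueError:
        return False
    expected = _b64url(hmac.new(key, signing_input.encode(), hashlib.sha256).digest())
    return hmac.compare_digest(expected, sig)


def truncated_key(token: str) -> str:
    # Vulnerable: only the header prefix, identical for every token with the same alg/typ.
    return token[:PREFIX_LEN]


def hashed_key(token: str) -> str:
    # Fixed: digest of the whole token, so the signature segment is part of the key.
    return hashlib.sha256(token.encode()).hexdigest()


def authenticate(token: str, key: bytes, cache: dict, key_fn: Callable[[str], str]) -> Optional[dict]:
    """Userinfo lookup modelled on the advisory: a cache hit is trusted as the
    caller's identity, and only a miss triggers signature verification."""
    ck = key_fn(token)
    if ck in cache:
        return cache[ck]
    if not verify(token, key):
        return None
    userinfo = json.loads(_b64url_decode(token.split(".")[1]))  # stand-in for the IdP userinfo call
    cache[ck] = userinfo
    return userinfo


def run_demo() -> dict:
    server_key = b"proxy-shared-secret"  # constructed; only the proxy/IdP side holds it
    victim = make_token({"sub": "alice", "role": "admin"}, server_key)
    forged = make_token({"sub": "mallory"}, b"attacker-chosen-key")  # signature cannot verify
    results = {"shared_prefix": victim[:PREFIX_LEN] == forged[:PREFIX_LEN]}
    for name, key_fn in (("vulnerable", truncated_key), ("fixed", hashed_key)):
        cache: dict = {}
        authenticate(victim, server_key, cache, key_fn)  # alice authenticates, populating the cache
        results[name] = authenticate(forged, server_key, cache, key_fn)
    return results


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=2))
```

With the truncated key the forged token is answered with alice's cached admin identity even though its signature never verifies; with the hashed key it misses the cache, fails verification and is rejected. Disabling the cache (TTL zero) removes the hit path entirely, which is why the page lists it as a workaround.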
How can this vulnerability impact me? :
This vulnerability can have a severe impact as it allows an unauthenticated attacker to impersonate legitimate users by bypassing authentication.
The attacker inherits the legitimate user's identity and permissions, which can lead to unauthorized access to sensitive information and the ability to modify data.
The impact includes high confidentiality and integrity loss, though availability is not affected.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects litellm versions prior to 1.83.0 when JWT authentication is enabled with OIDC userinfo caching active. Detection involves verifying the litellm version and configuration settings.
- Check the installed litellm version to confirm if it is prior to 1.83.0.
- Inspect the litellm configuration file or environment to see if JWT authentication is enabled (enable_jwt_auth: true).
- Verify if OIDC userinfo caching is active (cache TTL not set to zero).
Suggested commands to assist detection:
- Check litellm version: `pip show litellm` or `litellm --version`
- Search configuration for JWT auth enabled: `grep enable_jwt_auth /path/to/litellm/config`
- Check cache TTL setting: `grep cache_ttl /path/to/litellm/config`
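The three checks above as one script, added here as an example rather than a litellm tool. The installed version is read with importlib.metadata; the version comparison treats pre-releases of 1.83.0 as still affected. The config scan is a line-oriented heuristic that needs no YAML library: `enable_jwt_auth` is the flag named on this page, while `cache_ttl` is only the string the page greps for, so treat it as a placeholder for whichever key controls the userinfo cache TTL in your version. The sample config is constructed.

```python
import re
from importlib import metadata
from typing import Optional, Tuple

# Added example, not litellm's code.
FIXED_VERSION: Tuple[int, int, int] = (1, 83, 0)

# Constructed sample config; key placement mirrors the page's greps, not a verified schema.
SAMPLE_CONFIG = """\
model_list:
  - model_name: gpt-4o
    litellm_params:
      model: openai/gpt-4o
general_settings:
  master_key: sk-1234
  enable_jwt_auth: true
"""


def parse_version(ver: str) -> Tuple[int, int, int, int]:
    """'1.82.9' -> (1, 82, 9, 1); '1.83.0rc1' -> (1, 83, 0, 0).
    The last element is 0 for a pre-release, so 1.83.0rc1 sorts below 1.83.0."""
    m = re.match(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?(.*)$", ver)
    if not m:
        raise ValueError(f"unrecognised version string: {ver!r}")
    major, minor, patch, suffix = m.groups()
    is_final = 0 if re.match(r"^[.\-]?(a|b|rc|dev|alpha|beta)", suffix.strip(), re.I) else 1
    return (int(major), int(minor), int(patch or 0), is_final)


def is_affected(ver: str) -> bool:
    """True for any release below 1.83.0, including pre-releases of 1.83.0 itself."""
    return parse_version(ver) < FIXED_VERSION + (1,)


def installed_litellm_version() -> Optional[str]:
    try:
        return metadata.version("litellm")
    except metadata.PackageNotFoundError:
        return None


def audit_config(text: str) -> dict:
    """Heuristic scan for the two settings the page ties to exploitability."""
    jwt = re.search(r"^\s*enable_jwt_auth\s*:\s*(\w+)", text, re.M | re.I)
    ttl = re.search(r"^\s*\w*cache_ttl\w*\s*:\s*(\d+)", text, re.M | re.I)
    return {
        "jwt_auth_enabled": bool(jwt) and jwt.group(1).lower() == "true",
        "cache_ttl": int(ttl.group(1)) if ttl else None,  # None: no explicit TTL, caching assumed on
    }


def assess(version: str, config_text: str) -> dict:
    """Combine version and config: exploitable only when all three conditions hold."""
    result = audit_config(config_text)
    result["version"] = version
    result["version_affected"] = is_affected(version)
    result["exploitable"] = (
        result["version_affected"] and result["jwt_auth_enabled"] and result["cache_ttl"] != 0
    )
    return result


if __name__ == "__main__":
    ver = installed_litellm_version()
    if ver is None:
        print("litellm is not installed in this interpreter; assessing the sample config against 1.82.0")
        ver = "1.82.0"
    print(assess(ver, SAMPLE_CONFIG))
```

Run it from the same interpreter that serves the proxy, and point it at the real config file by replacing SAMPLE_CONFIG with the file's contents; a result of `exploitable: True` means upgrade, or apply one of the workarounds below until you can.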
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, you should update litellm to version 1.83.0 or later where the issue is fixed.
If updating is not immediately possible, consider the following workarounds:
- Disable OIDC userinfo caching by setting the cache TTL to zero.
- Disable JWT authentication entirely if feasible.
These steps prevent attackers from exploiting the cache key collision vulnerability and protect user identity and permissions.