CVE-2026-47102
LiteLLM Privilege Escalation via User Role Modification
Publication date: 2026-05-21
Last updated on: 2026-05-21
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| litellm | litellm | to 1.83.10 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in LiteLLM versions prior to 1.83.10 and allows a user to modify their own user_role via the /user/update endpoint.
Although the endpoint restricts users to updating only their own account, it does not restrict which fields can be changed.
As a result, a user who can access this endpoint can set their role to proxy_admin, thereby gaining full administrative access to LiteLLM, including all users, teams, keys, models, and prompt history.
Users with the org_admin role have legitimate access to this endpoint and can exploit this vulnerability without needing to chain any additional flaws.
How can this vulnerability impact me? :
This vulnerability can have a severe impact as it allows a user to escalate their privileges to full administrative access within LiteLLM.
An attacker exploiting this flaw can control all users, teams, keys, models, and prompt history, potentially leading to unauthorized data access, modification, or deletion.
Such unauthorized administrative access can compromise the confidentiality, integrity, and availability of the system and its data.