CVE-2026-12772
Session Expiration Flaw in BerriAI litellm Proxy

Publication date: 2026-06-21

Last updated on: 2026-06-21

Assigner: VulDB

Description
A security flaw has been discovered in BerriAI litellm up to 1.82.2. It affects the function authenticate_user in the file litellm/proxy/auth/login_utils.py of the component PROXY_ADMIN database API Key Generator. Manipulation of this function results in insufficient session expiration (CWE-613). The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure.
Meta Information
Published: 2026-06-21
Last Modified: 2026-06-21
Generated: 2026-06-21
AI Q&A: 2026-06-21
EPSS Evaluated: N/A
Affected Vendors & Products (1 associated CPE)
Vendor: berriai | Product: litellm | Version / Range: to 1.82.2 (exc)
CWE
CWE-613 (Insufficient Session Expiration): according to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."
AI Quick Actions (instant insights powered by AI)
Executive Summary

CVE-2026-12772 is a security flaw in BerriAI LiteLLM up to version 1.82.2, specifically in the authentication process of the Admin UI. The vulnerability arises because the /login endpoint continues to generate permanent database API keys for both admin and user accounts, embedding these keys inside JWT cookies without expiration.

An attacker who intercepts a login cookie can decode the JWT without needing a secret, extract the embedded permanent database key, and use it as an admin bearer token. This token remains valid beyond the JWT session lifetime, allowing persistent unauthorized access.

The root cause is a regression during a JWT migration where the function generating these permanent keys was not removed, and previous fixes for token expiration were eliminated. This leads to session persistence even after logout and accumulation of keys in the database, which can degrade performance.

Impact Analysis

This vulnerability can lead to unauthorized persistent admin access because attackers can use intercepted JWT cookies to obtain permanent database API keys.

It breaks session management by allowing sessions to remain valid even after logout, increasing the risk of account compromise.

Additionally, the accumulation of permanent keys in the database can cause performance degradation over time.

Overall, it exposes sensitive data and increases the attack surface for malicious actors.

Detection Guidance

This vulnerability can be detected by monitoring login requests to the LiteLLM Admin UI, specifically looking for the creation of permanent PROXY_ADMIN database API keys embedded within JWT cookies under the "key" field.

Since the JWT tokens can be decoded without a secret, you can decode the JWT cookie from login requests to extract the embedded database key and check if these keys persist beyond the expected session lifetime.

Additionally, inspecting the database for an accumulation of permanent API keys can indicate the presence of this vulnerability.

  • Capture the JWT cookie from login requests (e.g., using browser developer tools or network capture tools like Wireshark or tcpdump).
  • Decode the JWT token payload using a tool like jwt.io or command line tools (e.g., `jq` with base64 decoding) to extract the "key" field; prefer local decoding for cookies taken from a production deployment, since the payload carries a live credential.
  • Query the LiteLLM database (e.g., PostgreSQL) to count the number of permanent PROXY_ADMIN keys stored and check for keys that do not expire.
  • Example command to decode the JWT token payload (replace <token>). JWT segments are base64url without `=` padding, so the URL-safe characters are mapped back and the padding is restored before `base64 -d`, which otherwise rejects the input: `p=$(echo '<token>' | cut -d '.' -f2 | tr '_-' '/+'); while [ $(( ${#p} % 4 )) -ne 0 ]; do p="$p="; done; printf '%s' "$p" | base64 -d | jq '.'`
  • Example SQL query to check key accumulation (the table and column names are illustrative and must be mapped to the deployment's actual LiteLLM schema): `SELECT COUNT(*) FROM proxy_admin_keys WHERE expiration IS NULL OR expiration > NOW();`
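The following Python script is an added example (not code from LiteLLM or from this advisory) that automates the cookie check in the steps above: it decodes a login cookie's JWT payload without the signing secret, reports whether a database key is embedded under "key", and whether the JWT lacks an expiry or has already passed it while still carrying that key. The sample cookie it builds is constructed; the claim names `user_role` and `key` are assumptions based on the advisory text.

```python
import base64
import json
import time
from typing import Optional


def _b64url_decode(segment: str) -> bytes:
    """Decode one JWT segment; JWTs drop '=' padding, so restore it before decoding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_jwt_payload(token: str) -> dict:
    """Return the claims of a compact JWT without verifying its signature.
    Verification is deliberately skipped: the audit only needs the claims,
    and the advisory notes the cookie payload is readable without the secret."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected compact JWT: header.payload.signature")
    return json.loads(_b64url_decode(parts[1]))


def audit_login_cookie(token: str, now: Optional[float] = None) -> dict:
    """Flag the advisory's conditions: a DB key embedded under 'key' (assumed
    claim name), and a JWT that never expires or has expired while still
    carrying that key. The key itself is only reported redacted."""
    claims = decode_jwt_payload(token)
    now = time.time() if now is None else now
    key = claims.get("key")
    exp = claims.get("exp")
    findings = []
    if isinstance(key, str) and key:
        findings.append("embedded_db_key")
    if exp is None:
        findings.append("no_exp_claim")
    elif float(exp) <= now:
        findings.append("jwt_expired")
    if "embedded_db_key" in findings and len(findings) > 1:
        findings.append("key_outlives_session")  # the CWE-613 condition
    return {
        "findings": findings,
        "user_role": claims.get("user_role"),  # assumed claim name
        "key_hint": (key[:5] + "...") if isinstance(key, str) and key else None,
    }


def constructed_sample_token(claims: dict) -> str:
    """Build a CONSTRUCTED sample cookie (dummy signature) for offline testing."""
    enc = lambda obj: base64.urlsafe_b64encode(
        json.dumps(obj, separators=(",", ":")).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc(claims)}.dummy-signature"
```

Run `audit_login_cookie(cookie_value)` over cookies captured from `/login` responses; any result containing `key_outlives_session` is a cookie whose embedded key must be revoked in the database, not merely logged out.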
Mitigation Strategies

The immediate mitigation step is to upgrade LiteLLM to a version later than 1.82.2 where this vulnerability has been patched.

If upgrading is not immediately possible, consider manually removing or disabling the `generate_key_helper_fn()` call in the `login_utils.py` file to prevent permanent API key generation during login.

Additionally, implement a cleanup process to expire or remove accumulated permanent PROXY_ADMIN database keys to reduce the risk of unauthorized access and database bloat.

Monitor and restrict access to the `/login` and `/onboarding/get_token` endpoints to reduce exposure.

Ensure that JWT tokens are properly expired and that session management is enforced to prevent session persistence beyond intended lifetimes.

Compliance Impact

The vulnerability CVE-2026-12772 leads to broken session management and sensitive data exposure by allowing attackers to obtain permanent admin bearer tokens through intercepted JWT cookies. This unauthorized access risk can result in compromised user data and prolonged session persistence beyond intended lifetimes.

Such security flaws can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls on user authentication, session management, and protection of sensitive data. The exposure of permanent database API keys and the ability for attackers to maintain unauthorized access may violate requirements for data confidentiality, integrity, and access control.
