CVE-2026-49468
Remote Code Execution in LiteLLM Proxy Server

Publication date: 2026-06-22

Last updated on: 2026-06-22

Assigner: GitHub, Inc.

Description
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0.
Affected Vendors & Products
Vendor: litellm
Product: litellm
Version / Range: up to 1.84.0 (excluding 1.84.0)
CWE
CWE-290: This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Executive Summary

This vulnerability affects LiteLLM, a proxy server that acts as an AI Gateway to call large language model (LLM) APIs in OpenAI or native format. The issue existed in versions prior to 1.84.0 and was fixed in version 1.84.0.

The vulnerability is severe, with a CVSS v4.0 base score of 9.5, indicating it is highly exploitable and impactful.

Impact Analysis

Given the high CVSS score of 9.5, this vulnerability can have a critical impact. It likely allows an attacker to exploit the LiteLLM proxy server remotely without privileges or user interaction, potentially leading to severe consequences such as complete compromise of the system or data.

Mitigation Strategies

The vulnerability in LiteLLM is fixed in version 1.84.0. To mitigate this vulnerability, you should immediately upgrade your LiteLLM installation to version 1.84.0 or later.
