CVE-2026-12771
MediumCVSS 5.0Exploitation Probability (EPSS)
Low risk8th percentile — higher than 8% of all known CVEs
Summary
A vulnerability was identified in BerriAI litellm up to version 1.82.2, affecting an unknown function of the file litellm/proxy/auth/user_api_key_auth.py of the M2M JWT Handler component. This manipulation leads to improper authorization.
Risk Assessment
The attack can be launched remotely, and a high complexity level is associated with it. A publicly available exploit may be used.
Recommendation
It is recommended to update to the latest version of BerriAI litellm to mitigate the risk associated with this vulnerability.
Original NVD description (English source)
A vulnerability was identified in BerriAI litellm up to 1.82.2. This affects an unknown function of the file litellm/proxy/auth/user_api_key_auth.py of the component M2M JWT Handler. Such manipulation leads to improper authorization. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is reported as difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.

