CVE Catalog

CVE-2026-12772

MediumCVSS 6.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.21%

11th percentile — higher than 11% of all known CVEs

Summary

A security flaw has been discovered in BerriAI litellm up to version 1.82.2, impacting the function authenticate_user in the file litellm/proxy/auth/login_utils.py of the PROXY_ADMIN database API Key Generator. Manipulating this function results in session expiration.

Risk Assessment

An attacker can remotely exploit this vulnerability, posing a risk to the integrity of user sessions. The public release of the exploit increases the likelihood of attacks.

Recommendation

It is recommended to update to the latest version of BerriAI litellm to mitigate this vulnerability. Additionally, monitor logs and user sessions for potential attack attempts.

Original NVD description (English source)

A security flaw has been discovered in BerriAI litellm up to 1.82.2. This impacts the function authenticate_user of the file litellm/proxy/auth/login_utils.py of the component PROXY_ADMIN database API Key Generator. Performing a manipulation results in session expiration. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS