CVE-2026-12774
MediumCVSS 6.3Exploitation Probability (EPSS)
Low risk11th percentile — higher than 11% of all known CVEs
Summary
A vulnerability has been detected in BerriAI litellm up to version 1.82.2, affecting the function _execute_with_mcp_client in the file litellm/proxy/_experimental/mcp_server/rest_endpoints.py. The manipulation leads to server-side request forgery.
Risk Assessment
The vulnerability allows for remote exploitation, potentially leading to unauthorized access to server resources. The public disclosure of the exploit increases the risk of it being used by third parties.
Recommendation
It is recommended to update BerriAI litellm to the latest version to eliminate this vulnerability. Additionally, monitor systems for potential attempts to exploit this flaw.
Original NVD description (English source)
A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function _execute_with_mcp_client of the file litellm/proxy/_experimental/mcp_server/rest_endpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.

