CVE Catalog

CVE-2026-12774

MediumCVSS 6.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.21%

11th percentile — higher than 11% of all known CVEs

Summary

A vulnerability has been detected in BerriAI litellm up to version 1.82.2, affecting the function _execute_with_mcp_client in the file litellm/proxy/_experimental/mcp_server/rest_endpoints.py. The manipulation leads to server-side request forgery.

Risk Assessment

The vulnerability allows for remote exploitation, potentially leading to unauthorized access to server resources. The public disclosure of the exploit increases the risk of it being used by third parties.

Recommendation

It is recommended to update BerriAI litellm to the latest version to eliminate this vulnerability. Additionally, monitor systems for potential attempts to exploit this flaw.

Original NVD description (English source)

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function _execute_with_mcp_client of the file litellm/proxy/_experimental/mcp_server/rest_endpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS