CVE Catalog

CVE-2026-12795

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.39%

31th percentile - higher than 31% of all known CVEs

Summary

A vulnerability was determined in BerriAI litellm up to version 1.82.2, affecting the function json.dumps in the file litellm/proxy/management_endpoints/ui_sso.py of the SSO Debug Flow component. Manipulating this function can lead to missing authentication.

Risk Assessment

An attacker can remotely exploit this vulnerability, potentially resulting in unauthorized access to the system. The public disclosure of the vulnerability increases the risk of its exploitation.

Recommendation

It is recommended to update BerriAI litellm to the latest version to mitigate this vulnerability. Additionally, monitor systems for unauthorized access attempts.

Original NVD description (English source)

A vulnerability was determined in BerriAI litellm up to 1.82.2. This affects the function json.dumps of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Debug Flow. Executing a manipulation can lead to missing authentication. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS