CVE Catalog
CVE-2026-49468
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.56%
42th percentile — higher than 42% of all known CVEs
Summary
LiteLLM, a proxy server for calling LLM APIs, contained an unspecified vulnerability prior to version 1.84.0. The flaw has been fixed in version 1.84.0.
Risk Assessment
The vulnerability could allow an attacker to compromise the proxy server, potentially leading to unauthorized API access or data leakage.
Recommendation
Immediately upgrade LiteLLM to version 1.84.0 or later to remediate the vulnerability.
Original NVD description (English source)
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0.

