CVE Catalog

CVE-2026-49468

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.56%

42th percentile — higher than 42% of all known CVEs

Summary

LiteLLM, a proxy server for calling LLM APIs, contained an unspecified vulnerability prior to version 1.84.0. The flaw has been fixed in version 1.84.0.

Risk Assessment

The vulnerability could allow an attacker to compromise the proxy server, potentially leading to unauthorized API access or data leakage.

Recommendation

Immediately upgrade LiteLLM to version 1.84.0 or later to remediate the vulnerability.

Original NVD description (English source)

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS