37.4% probability · 97.2nd percentile — 2026-05-09
Affected versions
LiteLLM 1.81.16 to before 1.83.7
Summary
This unauthenticated SQL injection flaw affects the LiteLLM AI proxy gateway, a common component in LLM deployments. No valid credentials are needed: sending a specially crafted Authorization header to any publicly reachable LLM API route on the proxy triggers the injection. Successful exploitation lets the attacker read, and potentially modify, sensitive data in the proxy's database, including LLM provider API keys and user credentials.
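The bug class behind this advisory, as an added illustration that is not LiteLLM's own code: an API-key lookup that splices the bearer token from the Authorization header into SQL text, beside the parameterized form that closes the hole. The table names, the header format and the assumption that the injection point is the key lookup are all constructed for the example; the in-memory SQLite database and the attacker header are sample data, not data from the advisory.

```python
"""Vulnerable-vs-hardened key lookup for a bearer token.

Added example code, not LiteLLM's source. Table layout, header format
and the injection point (the key lookup) are assumptions for the demo.
"""
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample data: proxy virtual keys plus the provider
    secrets the advisory says an attacker can read."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE virtual_keys (token TEXT PRIMARY KEY, user_id TEXT);
        CREATE TABLE provider_keys (provider TEXT, api_key TEXT);
        INSERT INTO virtual_keys VALUES ('sk-valid-user-key', 'alice');
        INSERT INTO provider_keys VALUES ('openai', 'sk-openai-SECRET');
        INSERT INTO provider_keys VALUES ('anthropic', 'sk-ant-SECRET');
        """
    )
    return conn


def bearer_token(authorization: str) -> str:
    """Return the token part of 'Bearer <token>'; reject other shapes."""
    scheme, _, token = authorization.partition(" ")
    if scheme.lower() != "bearer" or not token:
        raise ValueError("malformed Authorization header")
    return token


def lookup_vulnerable(conn: sqlite3.Connection, authorization: str) -> list:
    """Vulnerable: the untrusted token becomes part of the query text."""
    token = bearer_token(authorization)
    sql = f"SELECT token, user_id FROM virtual_keys WHERE token = '{token}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, authorization: str) -> list:
    """Hardened: the token is bound as a parameter and never parsed as SQL."""
    token = bearer_token(authorization)
    sql = "SELECT token, user_id FROM virtual_keys WHERE token = ?"
    return conn.execute(sql, (token,)).fetchall()


# Constructed attacker header: closes the string literal, UNIONs the
# provider-secrets table into the key-lookup result, and comments out
# the trailing quote the template would otherwise append.
ATTACK_HEADER = "Bearer x' UNION SELECT provider, api_key FROM provider_keys --"
VALID_HEADER = "Bearer sk-valid-user-key"


def demo() -> dict:
    """Run both lookups against the same database and report the results."""
    conn = build_db()
    return {
        "vulnerable_with_attack": sorted(lookup_vulnerable(conn, ATTACK_HEADER)),
        "safe_with_attack": lookup_safe(conn, ATTACK_HEADER),
        "safe_with_valid_key": lookup_safe(conn, VALID_HEADER),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The vulnerable lookup hands back every provider secret to a request that carries no valid key at all, which is exactly the impact the advisory describes; the parameterized version treats the whole attacker string as one opaque token and matches nothing. The fix is the query shape, not input filtering: rejecting quotes or the word UNION would leave other encodings open, while binding the value removes the injection point entirely.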
Remediation
Upgrade LiteLLM to version 1.83.7 or later immediately. Until the patch is applied, restrict public access to the proxy's endpoints. After patching, audit the deployment for unauthorized access to confirm that no credentials were stolen, and rotate any provider API keys or user credentials held in the proxy's database if exposure cannot be ruled out.