{"data":{"id":"bd0ae376-73e4-48a9-aae8-351c7e93754d","title":"LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers","summary":"LiteLLM, a widely used open-source AI gateway (a system that routes AI requests to multiple providers), has a critical vulnerability chain (CVSS score of 9.9, i.e., critical severity) that lets low-privilege users gain full admin control and run code on the server. The three bugs work together: an authorization bypass (CVE-2026-47101) that lets users create keys with unlimited access, a privilege escalation (CVE-2026-47102) that promotes users to admin, and a sandbox escape (CVE-2026-40217) that executes arbitrary code. This compromise exposes all provider API keys, encrypted credentials, and all prompts and responses passing through the gateway, and allows attackers to alter AI responses in transit.","solution":"Upgrade to LiteLLM v1.83.14-stable or later. This release, published May 2, includes the complete fix set for all three CVEs in the vulnerability chain.","labels":["security"],"sourceUrl":"https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html","publishedAt":"2026-06-15T16:39:01.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"critical","attackType":["supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["LangChain"],"affectedVendorsRaw":["LiteLLM","OpenAI","Anthropic","Google","Amazon","Microsoft Azure"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-15T16:39:01.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}