GHSA-5mg7-485q-xm76: Two LiteLLM versions published containing credential harvesting malware
criticalvulnerabilityLLM-Specific
security
Source: GitHub Advisory DatabaseMarch 25, 2026
Summary
Two versions of LiteLLM (a Python library for working with multiple AI models), versions 1.82.7 and 1.82.8, were published with malware that steals user credentials (usernames, passwords, and authentication tokens). This is a critical security issue because anyone who installed these specific versions could have their sensitive login information compromised.
Classification
Attack Type
Supply Chain
Attack SophisticationModerate
Impact (CIA+S)
confidentialityintegrity
Affected Vendors
LangChain
Affected Packages
litellm@>= 1.82.7, <= 1.82.8
Related Issues
Original source: https://github.com/advisories/GHSA-5mg7-485q-xm76
First tracked: March 25, 2026 at 11:40 AM
Classified by LLM (prompt v3) · confidence: 95%