GHSA-4xpc-pv4p-pm3w: LiteLLM: Authentication Bypass via Host Header Injection
Summary
LiteLLM proxy had an authentication bypass vulnerability where a crafted Host header (the part of a web request that specifies which server is being contacted) could trick the auth layer into checking the wrong route, potentially allowing unauthorized access to protected management features. Most deployments are protected because upstream security layers like CDNs or reverse proxies validate the Host header, and LiteLLM Cloud customers are not affected.
Solution / Mitigation
Fixed in version 1.84.0. Upgrade to 1.84.0 or later with no configuration change required. If upgrading is not immediately possible, place the proxy behind an upstream component that validates or normalizes the Host header before forwarding, such as a CDN/WAF (web application firewall), a reverse proxy with explicit server_name allowlists, or a cloud load balancer with host-based routing rules, or restrict network access to the proxy listener.
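The mitigation above relies on an upstream component rejecting unexpected Host values before the request reaches the proxy. The following is an added example of such a check written for this page; it is not LiteLLM code, and the allowlisted hostnames are constructed placeholders. It normalizes the header (case, trailing dot, port suffix, bracketed IPv6 literal), rejects malformed or ambiguous values, and refuses requests that carry zero or multiple Host headers.

```python
"""Host-header allowlist check for a component placed in front of a proxy listener."""
import ipaddress
from typing import Iterable, Optional, Tuple

# Constructed placeholder allowlist; replace with the names clients legitimately use.
ALLOWED_HOSTS = frozenset({"llm-proxy.example.internal", "localhost"})


def normalize_host(raw: Optional[str]) -> Optional[str]:
    """Return a canonical hostname from a Host header value, or None if malformed."""
    if raw is None:
        return None
    value = raw.strip().lower()
    # Empty values and anything containing separators or path/credential characters are rejected.
    if not value or any(c in value for c in " \t,/\\@?#"):
        return None
    if value.startswith("["):  # bracketed IPv6 literal, optionally followed by :port
        end = value.find("]")
        if end == -1:
            return None
        literal = value[1:end]
        try:
            ipaddress.IPv6Address(literal)
        except ValueError:
            return None
        rest = value[end + 1:]
        if rest and (not rest.startswith(":") or not rest[1:].isdigit()):
            return None
        return "[" + literal + "]"
    host, sep, port = value.rpartition(":")
    if sep:  # a :port suffix is allowed only if it is purely numeric
        if not port.isdigit():
            return None
        value = host
    value = value.rstrip(".")  # "example.com." and "example.com" are the same name
    if not value or ":" in value:  # leftover colon means an unbracketed IPv6 or garbage
        return None
    return value


def host_allowed(raw: Optional[str], allowed=ALLOWED_HOSTS) -> bool:
    """True only if the normalized Host value is on the allowlist."""
    host = normalize_host(raw)
    return host is not None and host in allowed


def request_host_ok(headers: Iterable[Tuple[str, str]], allowed=ALLOWED_HOSTS) -> bool:
    """Check raw (name, value) header pairs; zero or duplicate Host headers are rejected."""
    hosts = [v for k, v in headers if k.lower() == "host"]
    if len(hosts) != 1:
        return False
    return host_allowed(hosts[0], allowed)
```

Requests that fail `request_host_ok` should be answered with a fixed error response (or the connection closed) rather than forwarded, so the proxy never sees the unexpected Host value.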
Vulnerability Details
EPSS: 0.0%
June 16, 2026
Related Issues
CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
Original source: https://github.com/advisories/GHSA-4xpc-pv4p-pm3w
First tracked: June 16, 2026 at 08:00 PM