OSV - Open Source Vulnerabilities

GHSA-69x8-hrgq-fjj8

PyPI/litellm

LiteLLM: Password hash exposure and pass-the-hash authentication bypass

08 Apr

Fix available
Severity - 8.6 (High)

GHSA-jjhc-v7c2-5hh6

PyPI/litellm

LiteLLM: Authentication bypass via OIDC userinfo cache key collision

03 Apr

Fix available
Severity - 9.4 (Critical)

GHSA-53mr-6c8q-9789

PyPI/litellm

LiteLLM: Privilege escalation via unrestricted proxy configuration endpoint

03 Apr

Fix available
Severity - 8.7 (High)

GHSA-5mg7-485q-xm76

PyPI/litellm

Two LiteLLM versions published containing credential harvesting malware

25 Mar

No fix available

PYSEC-2026-2

PyPI/litellm

Two litellm versions published containing credential harvesting malware

24 Mar

No fix available

MAL-2026-2144

PyPI/litellm

Malicious code in litellm (PyPI)

24 Mar

No fix available

GHSA-879v-fggm-vxw2

PyPI/litellm

LiteLLM Has a Leakage of Langfuse API Keys

20 Mar 2025

No fix available
Severity - 7.5 (High)

GHSA-fjcf-3j3r-78rp

PyPI/litellm

LiteLLM Has an Improper Authorization Vulnerability

20 Mar 2025

Fix available
Severity - 8.1 (High)

GHSA-g5pg-73fc-hjwq

PyPI/litellm

LiteLLM Reveals Portion of API Key via a Logging File

20 Mar 2025

Fix available
Severity - 7.5 (High)

GHSA-fh2c-86xm-pm2x

PyPI/litellm

LiteLLM Vulnerable to Denial of Service (DoS) via Crafted HTTP Request

20 Mar 2025

Fix available
Severity - 7.5 (High)

GHSA-53gh-p8jc-7rg8

PyPI/litellm

LiteLLM Vulnerable to Remote Code Execution (RCE)

20 Mar 2025

No fix available
Severity - 8.8 (High)

GHSA-gw2q-qw9j-rgv7

PyPI/litellm

LiteLLM Vulnerable to Denial of Service (DoS)

20 Mar 2025

Fix available
Severity - 7.5 (High)

GHSA-g26j-5385-hhw3

PyPI/litellm

LiteLLM Server-Side Request Forgery (SSRF) vulnerability

13 Sep 2024

Fix available
Severity - 8.7 (High)

GHSA-gppg-gqw8-wh9g

PyPI/litellm

litellm vulnerable to remote code execution based on using eval unsafely

27 Jun 2024

Fix available
Severity - 9.8 (Critical)

GHSA-qqcv-vg9f-5rr3

PyPI/litellm

litellm vulnerable to improper access control in team management

27 Jun 2024

Fix available
Severity - 5.3 (Medium)

GHSA-3xr8-qfvj-9p9j

PyPI/litellm

Arbitrary file deletion in litellm

06 Jun 2024

Fix available
Severity - 7.0 (High)

Load more...(1 page left)