CVE-2026-12770
MediumCVSS 5.4Exploitation Probability (EPSS)
Low risk15th percentile — higher than 15% of all known CVEs
Summary
A vulnerability was identified in BerriAI litellm up to version 1.63.1, concerning an unknown function in the file litellm/proxy/management_endpoints/key_management_endpoints.py of the Admin Key Handler component. This manipulation leads to improper authorization.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a serious threat to system security. The public disclosure of the exploit increases the risk of attacks.
Recommendation
It is recommended to apply the patch named 23781 to fix this vulnerability. Additionally, monitoring systems for unauthorized access attempts is advisable.
Original NVD description (English source)
A vulnerability was determined in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/management_endpoints/key_management_endpoints.py of the component Admin Key Handler. This manipulation causes improper authorization. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Patch name: 23781. It is recommended to apply a patch to fix this issue. The vendor was contacted early about this disclosure.

