CVE-2026-12796
MediumCVSS 6.3Exploitation Probability (EPSS)
Low risk20th percentile — higher than 20% of all known CVEs
Summary
A vulnerability was identified in BerriAI litellm up to version 1.82.2, impacting the function get_redirect_response_from_openid in the file litellm/proxy/management_endpoints/ui_sso.py of the SSO Authentication Flow component. Manipulation leads to session expiration.
Risk Assessment
The attack can be carried out remotely, and public exploits are available, increasing the risk of this vulnerability being exploited in the organization.
Recommendation
It is recommended to update to the latest version of BerriAI litellm to eliminate this vulnerability and to monitor systems for unauthorized access attempts.
Original NVD description (English source)
A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function get_redirect_response_from_openid of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.

