๐Ÿ” CVE Alert

CVE-2026-49468

UNKNOWN 0.0

LiteLLM: Authentication Bypass via Host Header Injection

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0.

CWE CWE-290
Vendor berriai
Product litellm
Published Jun 22, 2026
Stay Ahead of the Next One

Get instant alerts for berriai litellm

Be the first to know when new unknown vulnerabilities affecting berriai litellm are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

BerriAI / litellm
< 1.84.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/BerriAI/litellm/security/advisories/GHSA-4xpc-pv4p-pm3w github.com: https://github.com/BerriAI/litellm/releases/tag/v1.84.0