GHSA-h9c7-cfj6-h8j6LowCVSS 6.3

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this...

Published
June 21, 2026
Last Modified
June 21, 2026

🔗 CVE IDs covered (1)

📋 Description

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function _execute_with_mcp_client of the file litellm/proxy/_experimental/mcp_server/rest_endpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.

🔗 References (7)