All Versions
Vulnerabilities (Public)
Known vulnerabilities and security issues detected in the extension's dependencies and code.
| Vulnerability ID | Advisory | Severity | | | Affected Versions |
|---|---|---|---|---|---|
| SFTY-20260324-33085 | Malicious code in litellm (PyPI) | Malicious | – | – | ==1.82.7 ==1.82.8 |
| SFTY-20260324-28516 | litellm – Embedded Malicious Code | Malicious | – | – | >=1.82.7,<=1.82.8 |
| SFTY-20260424-01174 | LiteLLM has SQL Injection in Proxy API key verification | Critical | – | – | >= 1.81.16, < 1.83.7 |
| CVE-2026-35030 | Affected versions of the litellm package are vulnerable to Authentication Bypass due to the use of an insufficiently unique cache key derived from only the first 20 characters of a JWT token in the OI… | Critical | – | – | <1.83.0 |
| CVE-2026-40217 | Affected versions of the litellm package are vulnerable to Sandbox Escape due to an insufficient hand-rolled sandbox in the custom-code guardrail testing endpoint. The POST /guardrails/test_custom_cod… | High | – | – | >=1.81.8,<1.83.10 |
| SFTY-20260425-88145 | LiteLLM: Authenticated command execution via MCP stdio test endpoints | High | – | – | >= 1.74.2, < 1.83.7 |
| CVE-2026-35029 | Affected versions of the litellm package are vulnerable to Privilege Escalation due to missing admin role authorisation on the /config/update endpoint. This endpoint allows any authenticated user to m… | High | – | – | <1.83.0 |
| SFTY-20260424-01339 | LiteLLM: Server-Side Template Injection in /prompts/test endpoint | Unknown | – | – | >= 1.80.5, < 1.83.7 |
| SFTY-20260408-36805 | LiteLLM: Password hash exposure and pass-the-hash authentication bypass | Unknown | – | – | < 1.83.0 |
| SFTY-20260325-42188 | Two LiteLLM versions published containing credential harvesting malware | Unknown | – | – | >= 1.82.7, <= 1.82.8 |
Safety Discovered Vulnerabilities
Additional security issues found by Safety, exclusive to our platform.

