PyPI: litellm
CVE-2026-35030
Safety vulnerability ID: SFTY-20260403-69249
Safety legacy ID: pyup.io-91741
Affected versions of the litellm package are vulnerable to Authentication Bypass because the OIDC userinfo cache uses an insufficiently unique cache key derived from only the first 20 characters of a JWT token. When JWT authentication is enabled, the cache key is computed as token[:20]. Those characters lie inside the base64url-encoded JWT header, which is identical for every token produced with the same signing algorithm, so an attacker can craft a token whose first 20 characters collide with a legitimate cached entry. On a cache hit, an unauthenticated attacker inherits the identity and permissions of the legitimate user, resulting in a full authentication bypass on deployments with JWT/OIDC authentication enabled.
Overview
LiteLLM: Authentication bypass via OIDC userinfo cache key collision
Advisory
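The following is an added example, not litellm's code and not the project's fix. It reproduces the cache-key defect described above on constructed HS256 tokens (the secret, claims and `UserInfoCache` / `lookup_userinfo` names are all constructed for the demonstration) and contrasts it with a hardened key derived from a digest of the entire token, so that a token with the same header but an invalid signature no longer matches a cached entry and is sent to the validator, which rejects it.

```python
import base64
import hashlib
import hmac
import json
from typing import Callable, Dict, Optional


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_demo_jwt(claims: dict, secret: bytes) -> str:
    """Build a constructed HS256 JWT for the demonstration (not a real IdP token)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def verify_demo_jwt(token: str, secret: bytes) -> Optional[dict]:
    """Return the claims if the HS256 signature verifies under `secret`, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        return None
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(_b64url(expected), sig_b64):
        return None
    return json.loads(_b64url_decode(payload_b64))


def weak_cache_key(token: str) -> str:
    # The pattern the advisory describes: only the first 20 characters of the token,
    # which fall inside the base64url header shared by every token with the same alg/typ.
    return token[:20]


def strong_cache_key(token: str) -> str:
    # Hardened form (an assumption about a fix, not litellm's actual code): a digest of the
    # whole token, so any change in payload or signature yields a different key.
    return hashlib.sha256(token.encode()).hexdigest()


def prefix_collides(token_a: str, token_b: str) -> bool:
    """True when two tokens would share the weak 20-character cache key."""
    return weak_cache_key(token_a) == weak_cache_key(token_b)


class UserInfoCache:
    """Minimal token -> userinfo cache parameterised by the key-derivation function."""

    def __init__(self, key_fn: Callable[[str], str]) -> None:
        self._key_fn = key_fn
        self._store: Dict[str, dict] = {}

    def get(self, token: str) -> Optional[dict]:
        return self._store.get(self._key_fn(token))

    def put(self, token: str, userinfo: dict) -> None:
        self._store[self._key_fn(token)] = userinfo


def lookup_userinfo(cache: UserInfoCache, token: str,
                    validate: Callable[[str], Optional[dict]]) -> Optional[dict]:
    """Cache-first lookup: a hit skips validation entirely, which is what makes the key matter."""
    hit = cache.get(token)
    if hit is not None:
        return hit
    info = validate(token)
    if info is not None:
        cache.put(token, info)
    return info


IDP_SECRET = b"constructed-demo-signing-secret"  # constructed; stands in for the IdP key


def simulate(key_fn: Callable[[str], str]):
    """Cache a legitimate user's token, then look up a same-header token with a bad signature.

    Returns (subject returned for the second token or None, whether the validator ran).
    """
    cache = UserInfoCache(key_fn)
    validator_calls = []

    def validate(token: str) -> Optional[dict]:
        validator_calls.append(token)
        return verify_demo_jwt(token, IDP_SECRET)

    legit = make_demo_jwt({"sub": "alice", "role": "admin"}, IDP_SECRET)
    assert lookup_userinfo(cache, legit, validate)["sub"] == "alice"  # populates the cache

    # Same header, different subject, signed with the wrong key: must be rejected.
    other = make_demo_jwt({"sub": "mallory"}, b"not-the-idp-key")
    validator_calls.clear()
    result = lookup_userinfo(cache, other, validate)
    return (result["sub"] if result else None, bool(validator_calls))


if __name__ == "__main__":
    print("weak key  :", simulate(weak_cache_key))    # ('alice', False): identity inherited
    print("strong key:", simulate(strong_cache_key))  # (None, True): validated and rejected
```

With the weak key the second token never reaches the validator: the cache hit hands back the first user's identity. With the digest key the lookup misses, the validator runs, and the bad signature is rejected. A stricter design is to cache only after the token has been verified and to key on the verified token's digest, which the example's `lookup_userinfo` does once `strong_cache_key` is used.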
How to Fix
Mitigation and Workarounds
Vulnerable Functions
Functions linked to known vulnerabilities.
References
- https://getsafety.com/vulnerabilities/SFTY-20260403-69249/CVE-2026-35030
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35030
- https://data.safetycli.com/changelogs/litellm/
- https://github.com/advisories/GHSA-jjhc-v7c2-5hh6
- https://pypi.org/project/litellm
- https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6
- https://nvd.nist.gov/vuln/detail/CVE-2026-35030
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
