PyPI: litellm
GHSA-r75f-5x8p-qvmc
Safety vulnerability ID: SFTY-20260424-01174
### Impact

A database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An unauthenticated attacker could send a specially crafted `Authorization` header to any LLM API route (for example `POST /chat/completions`) and reach this query through the proxy's error-handling path. An attacker could read data from the proxy's database and may be able to modify it, leading to unauthorised access to the proxy and the credentials it manages.

### Patches

Fixed in **`1.83.7`**. The caller-supplied value is now always passed to the database as a separate parameter. Upgrade to `1.83.7` or later.

### Workarounds

If upgrading is not immediately possible, set `disable_error_logs: true` under `general_settings`. This removes the path through which unauthenticated input reaches the vulnerable query.
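The following is an added illustration of the pattern the advisory describes, not litellm's own code: a key lookup that splices the caller-supplied value into the query text beside the parameterised form that `1.83.7` uses. The table name and the sample keys are constructed for the demo.

```python
# Added illustration (not litellm's code): a key-check query built with string
# formatting versus one that binds the key as a separate parameter.
# An in-memory SQLite table stands in for the proxy's key store.
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: two virtual keys and their owners."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE verification_token (token TEXT PRIMARY KEY, user_id TEXT)"
    )
    conn.executemany(
        "INSERT INTO verification_token VALUES (?, ?)",
        [("sk-alice-key", "alice"), ("sk-bob-key", "bob")],
    )
    return conn


def lookup_key_unsafe(conn: sqlite3.Connection, key: str) -> list:
    """Pre-fix pattern: the caller-controlled key is concatenated into the
    query text, so quote characters in `key` change the query's structure."""
    query = f"SELECT user_id FROM verification_token WHERE token = '{key}'"
    return [row[0] for row in conn.execute(query)]


def lookup_key_safe(conn: sqlite3.Connection, key: str) -> list:
    """Fixed pattern: the key is bound as a separate parameter and the
    database never interprets its contents as SQL."""
    query = "SELECT user_id FROM verification_token WHERE token = ?"
    return [row[0] for row in conn.execute(query, (key,))]


def demo() -> dict:
    """Run both lookups against a legitimate key and a constructed header value
    containing a quote and an always-true clause; return the rows each yields."""
    conn = make_db()
    legit = "sk-alice-key"
    crafted = "anything' OR '1'='1"  # constructed, not a real key
    return {
        "unsafe_legit": lookup_key_unsafe(conn, legit),
        "unsafe_crafted": lookup_key_unsafe(conn, crafted),
        "safe_legit": lookup_key_safe(conn, legit),
        "safe_crafted": lookup_key_safe(conn, crafted),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The unsafe lookup returns every owner for the crafted value, while the parameterised lookup treats the same string as a literal token and matches nothing, which is the property a regression test for this advisory should assert.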
Overview
LiteLLM has SQL Injection in Proxy API key verification
References
- https://getsafety.com/vulnerabilities/SFTY-20260424-01174
- https://github.com/BerriAI/litellm/security/advisories/GHSA-r75f-5x8p-qvmc
- https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable
- https://nvd.nist.gov/vuln/detail/CVE-2026-42208
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-42208
- https://github.com/advisories/GHSA-r75f-5x8p-qvmc
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
