Description
A vulnerability was identified in BerriAI litellm up to 1.82.2. This affects an unknown function of the file litellm/proxy/auth/user_api_key_auth.py of the component M2M JWT Handler. Such manipulation leads to improper authorization. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is reported as difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.
Published: 2026-06-21
Score: 2.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw is located in BerriAI litellm’s M2M JWT Handler in the file litellm/proxy/auth/user_api_key_auth.py. It permits manipulation of an unknown function, so the system may accept a request that should otherwise be rejected. The result is that a user or client can gain access to functions or data for which they do not have permission. This flaw is classified as an authorization error, represented by the CWE identifiers for improper privilege management, improper authorization, and credential manipulation.

Affected Systems

BerriAI litellm versions up through 1.82.2 are impacted. The vulnerability exists in the litellm/proxy/auth/user_api_key_auth.py module of the M2M JWT Handler. Users running any package version up to 1.82.2 should review their installed version and, if applicable, update past 1.82.2.

Risk and Exploitability

A CVSS score of 2.3 denotes a low overall risk. The exploit code is publicly available, but the vendor notes that the attack has high complexity and is reported as difficult. The EPSS value of <1% indicates a very low probability of exploitation. The vulnerability is not listed in CISA KEV, implying no widespread exploitation has been observed. Administrators should consider the risk level proportionate to the sensitivity of the affected services.

Generated by OpenCVE AI on July 10, 2026 at 04:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade BerriAI litellm to a version newer than 1.82.2, which contains the fix for the identified flaw.
  • Regenerate or revoke API keys that may have been compromised, ensuring minimal required scopes.
  • Implement logging and alerting for abnormal or unauthorized API key usage patterns.

Generated by OpenCVE AI on July 10, 2026 at 04:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 08 Jul 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1220
References
Metrics threat_severity

None

threat_severity

Moderate


Mon, 22 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 21 Jun 2026 07:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was identified in BerriAI litellm up to 1.82.2. This affects an unknown function of the file litellm/proxy/auth/user_api_key_auth.py of the component M2M JWT Handler. Such manipulation leads to improper authorization. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is reported as difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.
Title BerriAI litellm M2M JWT user_api_key_auth.py improper authorization
First Time appeared Litellm
Litellm litellm
Weaknesses CWE-266
CWE-285
CPEs cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*
Vendors & Products Litellm
Litellm litellm
References
Metrics cvssV2_0

{'score': 4.6, 'vector': 'AV:N/AC:H/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 5, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-22T13:33:10.626Z

Reserved: 2026-06-20T09:26:20.566Z

Link: CVE-2026-12771

cve-icon Vulnrichment

Updated: 2026-06-22T13:33:06.836Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-21T01:00:12Z

Links: CVE-2026-12771 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-10T04:30:17Z

Weaknesses
  • CWE-1220

    Insufficient Granularity of Access Control

  • CWE-266

    Incorrect Privilege Assignment

  • CWE-285

    Improper Authorization