Description
A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function get_redirect_response_from_openid of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack can be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.
Published: 2026-06-21
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw in BerriAI litellm's SSO authentication flow occurs in the get_redirect_response_from_openid function, where an attacker can manipulate the OpenID redirect and force a user session to expire prematurely. This results in a loss of authenticated state, effectively denying the victim access to services that require continuous authentication. The weakness is classified as a session-handling issue (CWE-613).

Affected Systems

The affected product is BerriAI’s litellm, with all releases up to and including version 1.82.2 identified as vulnerable. Any environment running these builds, particularly those that rely on the SSO authentication flow for user access, is at risk.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. The EPSS score is not available, so the likelihood of exploitation remains uncertain, but the description confirms that a public exploit is available and the attack can be performed remotely. The vulnerability is not listed in the CISA KEV catalog, indicating no known active exploitation in the wild at the time of this analysis.

Generated by OpenCVE AI on June 21, 2026 at 16:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a litellm release newer than 1.82.2 once it becomes available from the vendor.
  • Implement stricter validation on session tokens and the OpenID redirect process to prevent tampering that leads to premature session expiration.
  • Deploy monitoring for unusually frequent session expirations or authentication failures to detect potential exploitation attempts.

Advisories

No advisories yet.

History

Sun, 21 Jun 2026 19:30:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Berriai; Berriai litellm
Vendors & Products  |                | Berriai; Berriai litellm

Sun, 21 Jun 2026 15:00:00 +0000

Type                | Values Removed | Values Added
Description         |                | A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function get_redirect_response_from_openid of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.
Title               |                | BerriAI litellm SSO Authentication Flow ui_sso.py get_redirect_response_from_openid session expiration
First Time appeared |                | Litellm; Litellm litellm
Weaknesses          |                | CWE-613
CPEs                |                | cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*
Vendors & Products  |                | Litellm; Litellm litellm
References          |                |
Metrics             |                | cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
                    |                | cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                    |                | cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                    |                | cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-21T09:00:09.028Z

Reserved: 2026-06-20T17:12:15.581Z

Link: CVE-2026-12796

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-21T19:15:04Z

Weaknesses
  • CWE-613: Insufficient Session Expiration