CVE-2026-12799 - Vulnerability Details

Description

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function ui_view_users of the file litellm/proxy/management_endpoints/internal_user_endpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.

Published: 2026-06-21

Score: 5.3 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability is located in the ui_view_users function within litellm/proxy/management_endpoints/internal_user_endpoints.py. The function fails to perform proper authorization checks, enabling an attacker to retrieve or manipulate internal user data through the endpoint. Because this endpoint is exposed over the network, the attack can be launched remotely without requiring local privileges. The weakness is classified as improper authorization (CWE-266 and CWE-285).

Affected Systems

BerriAI:litellm, versions up to and including 1.82.2 are affected. No other versions beyond 1.82.2 have been reported to contain the vulnerability.

Risk and Exploitability

The CVSS score is 5.3, indicating moderate risk. EPSS data is unavailable, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote network access to the exposed internal management API. Because the flaw exists in application code, it can be exploited by sending crafted requests to the ui_view_users endpoint without needing elevated privileges on the host.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

BerriAI

litellm

affected

Version	Status	Constraints
`1.82.0`	affected	—
`1.82.1`	affected	—
`1.82.2`	affected	—

No data.

Vendor Product Confidence Versions

Berriai

Litellm

100%

Version	Status	Scheme	Platform
`1.82.0`	affected	semver	—
`1.82.1`	affected	semver	—
`1.82.2`	affected	semver	—

Litellm

95%

Version	Status	Scheme	Platform
`[0,*]`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade BerriAI litellm to any release newer than 1.82.2 where the ui_view_users endpoint authorization is correctly enforced.
If an upgrade cannot be performed immediately, restrict external network traffic to the internal management API endpoints using firewall rules or network segmentation so that only trusted internal hosts can reach them.
In the interim, enforce additional role‑based access checks on the ui_view_users endpoint through custom middleware or application configuration to ensure only authorized users can invoke the function.

Generated by OpenCVE AI on June 21, 2026 at 17:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://gist.github.com/YLChen-007/3ace22e33e468d0166fe609c9fdf4184
https://vuldb.com/cve/CVE-2026-12799
https://vuldb.com/submit/811291
https://vuldb.com/vuln/372561
https://vuldb.com/vuln/372561/cti

History

Sun, 21 Jun 2026 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Berriai Berriai litellm
Vendors & Products		Berriai Berriai litellm

Sun, 21 Jun 2026 15:00:00 +0000

Type	Values Removed	Values Added
Description		A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function ui_view_users of the file litellm/proxy/management_endpoints/internal_user_endpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.
Title		BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization
First Time appeared		Litellm Litellm litellm
Weaknesses		CWE-266 CWE-285
CPEs		cpe:2.3:a:litellm:litellm::::::::
Vendors & Products		Litellm Litellm litellm
References		https://gist.github.com/YLChen-007/3ace22e33e468d0166fe609c9fdf4184 https://vuldb.com/cve/CVE-2026-12799 https://vuldb.com/submit/811291 https://vuldb.com/vuln/372561 https://vuldb.com/vuln/372561/cti
Metrics		cvssV2_0 `{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:C'}` cvssV3_0 `{'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C'}` cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C'}` cvssV4_0 `{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Berriai Litellm

Litellm Litellm

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-06-21T10:00:08.928Z

Updated: 2026-06-21T10:00:08.928Z

Reserved: 2026-06-20T17:12:23.228Z

Link: CVE-2026-12799

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-21T18:15:04Z

Weaknesses

CWE-266
Incorrect Privilege Assignment
CWE-285
Improper Authorization

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object