CVE-2026-12772

MEDIUM

BerriAI litellm PROXY_ADMIN database API Key Generator login_utils.py authenticate_user session expiration

Title source: cna

Description

A security flaw has been discovered in BerriAI litellm up to 1.82.2. It affects the function authenticate_user in the file litellm/proxy/auth/login_utils.py of the component PROXY_ADMIN database API Key Generator. Manipulation leads to insufficient session expiration. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure.

References (5)

Core References
VDB Entry, Technical Description
VDB-372514 | BerriAI litellm PROXY_ADMIN database API Key Generator login_utils.py authenticate_user session expiration
https://vuldb.com/vuln/372514
Signature, Permissions Required
VDB-372514 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/vuln/372514/cti
Third Party Advisory
CVE-2026-12772 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-12772
Third Party Advisory
Submit #811281 | litellm <= 1.82.2 Insufficient Session Expiration (CWE-613)
https://vuldb.com/submit/811281

Scores

CVSS v3 6.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

Details

CWE
CWE-613
Status published
Products (3)
BerriAI/litellm 1.82.0
BerriAI/litellm 1.82.1
BerriAI/litellm 1.82.2
Published Jun 21, 2026
Tracked Since Jun 21, 2026