CVE-2026-12799
Severity: MEDIUM
BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization
Title source: CNA

Description
A security vulnerability has been detected in BerriAI litellm up to version 1.82.2. The affected code is the function ui_view_users in the file litellm/proxy/management_endpoints/internal_user_endpoints.py; the issue stems from an incomplete fix for CVE-2025-0628. The flaw leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.
References (5)
Core References
VDB Entry, Technical Description (vdb-entry, technical-description): VDB-372561 | BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization
https://vuldb.com/vuln/372561
Signature, Permissions Required (signature, permissions-required): VDB-372561 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/372561/cti
Third Party Advisory (third-party-advisory): CVE-2026-12799 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-12799
Third Party Advisory (third-party-advisory): Submit #811291 | litellm <= 1.82.2 Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
https://vuldb.com/submit/811291
Scores
CVSS v3: 4.3
EPSS: 0.0029
EPSS Percentile: 20.6%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: no
Technical Impact: partial
Details
CWE: CWE-266, CWE-285
Status: published
Products (4)
BerriAI/litellm 1.82.0
BerriAI/litellm 1.82.1
BerriAI/litellm 1.82.2
litellm/litellm < 1.82.2
Published: Jun 21, 2026
Tracked Since: Jun 21, 2026