Bug 2480635 (CVE-2026-47101)
| Summary: | CVE-2026-47101 litellm: LiteLLM: Privilege escalation via API key generation with insufficient permission validation | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | dschmidt, erezende, ilpinto, jkoehler, jlanda, jwong, kshier, lphiri, ltomasbo, omaciel, simaishi, smcdonal, stcannon, teagle, ttakamiy, yguenane, ykashtan |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in LiteLLM. An authenticated internal user can exploit this vulnerability by creating API keys that grant access to routes beyond their assigned role. This occurs because the system fails to verify if the specified allowed_routes for the API key align with the user's actual permissions. Consequently, a malicious internal user can achieve full privilege escalation, gaining administrative access (proxy_admin) and bypassing role-based access controls.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2026-05-21 21:01:18 UTC
|