Bug 2491142 (CVE-2026-12797)
| Summary: | CVE-2026-12797 litellm: BerriAI litellm: Incorrect authorization via prompt manipulation | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | dschmidt, erezende, ilpinto, jkoehler, jlanda, jwong, kshier, lphiri, ltomasbo, omaciel, simaishi, smcdonal, stcannon, teagle, ttakamiy, yguenane, ykashtan |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in BerriAI litellm. A remote attacker could manipulate the `prompt` argument in the `async_pre_call_hook` function of the Completions Interface component. This manipulation leads to incorrect authorization, potentially allowing the attacker to bypass security controls and perform unauthorized actions within the system. Administrators for the LLM proxy believe their blocklist and content-safety checks are active, but no input validation actually runs.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2026-06-21 11:01:18 UTC
|