Litellm Security Vulnerabilities (CVEs)
Track 8 security vulnerabilities affecting Litellm products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability in berriai/litellm's proxy server leaks Langfuse API keys when team settings parsing fails, exposing sensitive credentials. Attacke...
Mar 20, 2025

This vulnerability in berriai/litellm's logging function only masks the first 5 characters of API keys, exposing nearly the entire secret key in appli...
Mar 20, 2025

This vulnerability allows unauthenticated attackers to cause a Denial of Service (DoS) by sending specially crafted HTTP requests with appended charac...
Mar 20, 2025

This vulnerability in BerriAI/litellm allows remote code execution by exploiting improper input validation in the 'post_call_rules' configuration. Att...
Mar 20, 2025

This SSRF vulnerability in berriai/litellm allows attackers to redirect API requests to malicious servers, exposing OpenAI API keys. Any application u...
Sep 13, 2024

This vulnerability allows remote code execution in BerriAI/litellm when an attacker sends a malicious payload to the /config/update endpoint. The vuln...
Jun 27, 2024

An SQL injection vulnerability in the berriai/litellm repository allows attackers to execute arbitrary SQL commands via the /global/spend/logs endpoin...
Jun 6, 2024

A blind SQL injection vulnerability in berriai/litellm's '/team/update' endpoint allows attackers to inject malicious SQL through the 'user_id' parame...
Jun 6, 2024

Why Monitor Litellm Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 8+ known vulnerabilities affecting Litellm products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Litellm packages in under 60 seconds. No agents required - completely agentless scanning that works across Litellm deployments.
Free vulnerability database: Access detailed information about every Litellm CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Litellm CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions