ThreatCluster

Critical Privilege Escalation Vulnerabilities in LiteLLM Disclosed

First seen 22 May 2026, 22:25 UTC Nvd.Nist 73% similarity 73

Article Content

Browse articles
ThreatCluster

Two critical vulnerabilities (CVE-2026-47101 and CVE-2026-47102) have been identified in LiteLLM versions prior to 1.83.14. CVE-2026-47101 allows authenticated internal users to create API keys with unauthorized access, enabling privilege escalation to proxy_admin. CVE-2026-47102 permits users to modify their own user_role, potentially granting full administrative access. Both vulnerabilities were published on 2026-05-21 and affect users with org_admin and internal_user roles. Exploitation can lead to unauthorized access to sensitive data and administrative functions. Users are urged to update to the latest version to mitigate these risks.

Key Points: • CVE-2026-47101 allows privilege escalation for internal users creating unauthorized API keys. • CVE-2026-47102 enables users to change their roles to proxy_admin, gaining full access. • Both vulnerabilities were disclosed on 2026-05-21 and affect LiteLLM versions prior to 1.83.14.

ThreatCluster AI

Timeline

2026-05-21
CVE-2026-47101 published
LiteLLM vulnerability allows internal users to create API keys with excessive permissions.
Nvd.Nist
2026-05-21
CVE-2026-47102 published
LiteLLM vulnerability lets users modify their user_role to proxy_admin, gaining full access.
Nvd.Nist
2026-05-22
Security advisory issued
Users are advised to update LiteLLM to version 1.83.14 or later to mitigate vulnerabilities.
Nvd.Nist

Community

Browse all →