CVE-2026-12795 | BerriAI litellm up to 1.82.2 SSO Debug Flow ui_sso.py json.dumps missing authentication

Inserito da Angelo Barbosa | Giu 20, 2026 | CVE

A vulnerability, which was classified as critical, was found in BerriAI litellm up to 1.82.2. This affects the function json.dumps of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Debug Flow. Executing a manipulation can lead to missing authentication.

This vulnerability is handled as CVE-2026-12795. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure.

CVE-2026-12795 | BerriAI litellm up to 1.82.2 SSO Debug Flow ui_sso.py json.dumps missing authentication

Post correlati

CVE-2023-6766 | PHPGurukul Teacher Subject Allocation Management System 1.0 Delete Course /admin/course.php delid cross-site request forgery

CVE-2024-22386 | Linux Kernel up to 6.5 Exynos Device Driver exynos_drm_crtc_atomic_disable null pointer dereference

CVE-2026-27685 | SAP NetWeaver Enterprise Portal Administration 7.50 deserialization

CVE-2026-53823 | OpenClaw up to 2026.5.2 allowFrom Feature authentication spoofing (GHSA-c29c-2q9c-pc86)