{"url":"http://public2.vulnerablecode.io/api/packages/1028120?format=json","purl":"pkg:pypi/litellm@1.83.1","type":"pypi","namespace":"","name":"litellm","version":"1.83.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.83.10","latest_non_vulnerable_version":"1.83.10","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70271?format=json","vulnerability_id":"VCID-126s-vxje-v7f7","summary":"LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.80.5 to before version 1.83.7, the POST /prompts/test endpoint accepted user-supplied prompt templates and rendered them without sandboxing. A crafted template could run arbitrary code inside the LiteLLM Proxy process. The endpoint only checks that the caller presents a valid proxy API key, so any authenticated user could reach it. Depending on how the proxy is deployed, this could expose secrets in the process environment (such as provider API keys or database credentials) and allow commands to be run on the host. This issue has been patched in version 1.83.7.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42203.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42203","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20827","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42203"},{"reference_url":"https://github.com/BerriAI/litellm","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/BerriAI/litellm"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42203","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467917","reference_id":"2467917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467917"},{"reference_url":"https://github.com/advisories/GHSA-xqmj-j6mv-4862","reference_id":"GHSA-xqmj-j6mv-4862","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xqmj-j6mv-4862"},{"reference_url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-xqmj-j6mv-4862","reference_id":"GHSA-xqmj-j6mv-4862","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T14:36:50Z/"}],"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-xqmj-j6mv-4862"},{"reference_url":"https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable","reference_id":"v1.83.7-stable","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T14:36:50Z/"}],"url":"https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373276?format=json","purl":"pkg:pypi/litellm@1.83.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jce-k6vw-kbe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.7"}],"aliases":["CVE-2026-42203","GHSA-xqmj-j6mv-4862"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-126s-vxje-v7f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84255?format=json","vulnerability_id":"VCID-2jce-k6vw-kbe6","summary":"LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom_code URI.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40217.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40217","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26869","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40217"},{"reference_url":"https://github.com/BerriAI/litellm","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/BerriAI/litellm"},{"reference_url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-wxxx-gvqv-xp7p","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-wxxx-gvqv-xp7p"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40217","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40217"},{"reference_url":"https://www.x41-dsec.de/lab/advisories/x41-2026-001-litellm","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.x41-dsec.de/lab/advisories/x41-2026-001-litellm"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457301","reference_id":"2457301","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457301"},{"reference_url":"https://github.com/advisories/GHSA-wxxx-gvqv-xp7p","reference_id":"GHSA-wxxx-gvqv-xp7p","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wxxx-gvqv-xp7p"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24866","reference_id":"RHSA-2026:24866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24866"},{"reference_url":"https://www.x41-dsec.de/lab/advisories/x41-2026-001-litellm/","reference_id":"x41-2026-001-litellm","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-14T14:38:35Z/"}],"url":"https://www.x41-dsec.de/lab/advisories/x41-2026-001-litellm/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373452?format=json","purl":"pkg:pypi/litellm@1.83.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.10"}],"aliases":["CVE-2026-40217","GHSA-wxxx-gvqv-xp7p"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jce-k6vw-kbe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70307?format=json","vulnerability_id":"VCID-cgnq-9qen-6uh6","summary":"LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration in the request body, including the command, args, and env fields used by the stdio transport. When called with a stdio configuration, the endpoints attempted to connect, which spawned the supplied command as a subprocess on the proxy host with the privileges of the proxy process. The endpoints were gated only by a valid proxy API key, with no role check. Any authenticated user — including holders of low-privilege internal-user keys — could therefore run arbitrary commands on the host. This issue has been patched in version 1.83.7.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42271.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42271.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42271","reference_id":"","reference_type":"","scores":[{"value":"0.60784","scoring_system":"epss","scoring_elements":"0.98327","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42271"},{"reference_url":"https://github.com/BerriAI/litellm","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/BerriAI/litellm"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42271","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42271"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-42271","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-42271"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467924","reference_id":"2467924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467924"},{"reference_url":"https://github.com/advisories/GHSA-v4p8-mg3p-g94g","reference_id":"GHSA-v4p8-mg3p-g94g","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v4p8-mg3p-g94g"},{"reference_url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g","reference_id":"GHSA-v4p8-mg3p-g94g","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-06-08T17:47:03Z/"}],"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g"},{"reference_url":"https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable","reference_id":"v1.83.7-stable","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-06-08T17:47:03Z/"}],"url":"https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373276?format=json","purl":"pkg:pypi/litellm@1.83.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jce-k6vw-kbe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.7"}],"aliases":["CVE-2026-42271","GHSA-v4p8-mg3p-g94g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cgnq-9qen-6uh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70135?format=json","vulnerability_id":"VCID-hc27-fp8v-jue9","summary":"LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An unauthenticated attacker could send a specially crafted Authorization header to any LLM API route (for example POST /chat/completions) and reach this query through the proxy's error-handling path. An attacker could read data from the proxy's database and may be able to modify it, leading to unauthorised access to the proxy and the credentials it manages. This issue has been patched in version 1.83.7.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42208.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42208.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42208","reference_id":"","reference_type":"","scores":[{"value":"0.6259","scoring_system":"epss","scoring_elements":"0.98399","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42208"},{"reference_url":"https://github.com/BerriAI/litellm","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/BerriAI/litellm"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42208","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42208"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-42208","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-42208"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463965","reference_id":"2463965","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463965"},{"reference_url":"https://github.com/advisories/GHSA-r75f-5x8p-qvmc","reference_id":"GHSA-r75f-5x8p-qvmc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-r75f-5x8p-qvmc"},{"reference_url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-r75f-5x8p-qvmc","reference_id":"GHSA-r75f-5x8p-qvmc","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-05-08T17:09:36Z/"}],"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-r75f-5x8p-qvmc"},{"reference_url":"https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable","reference_id":"v1.83.7-stable","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-05-08T17:09:36Z/"}],"url":"https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373276?format=json","purl":"pkg:pypi/litellm@1.83.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jce-k6vw-kbe6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.7"}],"aliases":["CVE-2026-42208","GHSA-r75f-5x8p-qvmc"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hc27-fp8v-jue9"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.1"}