CVE-2026-12770 | BerriAI litellm up to 1.63.1 Admin Key key_management_endpoints.py improper authorization

A vulnerability classified as critical has been found in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/management_endpoints/key_management_endpoints.py of the component Admin Key Handler. This manipulation causes improper authorization.

This vulnerability is handled as CVE-2026-12770. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure.