CVE-2026-12772 | BerriAI litellm up to 1.82.2 PROXY_ADMIN database API Key Generator login_utils.py authenticate_user session expiration

A vulnerability, which was classified as critical, has been found in BerriAI litellm up to 1.82.2. This impacts the function authenticate_user of the file litellm/proxy/auth/login_utils.py of the component PROXY_ADMIN database API Key Generator. Performing a manipulation results in session expiration.

This vulnerability was named CVE-2026-12772. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure.VulDB Recent EntriesRead More