Metrics
Affected Vendors & Products
Tue, 23 Jun 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-639 | |
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Mon, 22 Jun 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 21 Jun 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Berriai
Berriai litellm |
|
| Vendors & Products |
Berriai
Berriai litellm |
Sun, 21 Jun 2026 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function ui_view_users of the file litellm/proxy/management_endpoints/internal_user_endpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure. | |
| Title | BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization | |
| First Time appeared |
Litellm
Litellm litellm |
|
| Weaknesses | CWE-266 CWE-285 |
|
| CPEs | cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Litellm
Litellm litellm |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2026-06-21T10:00:08.928Z
Updated: 2026-06-22T16:17:02.857Z
Reserved: 2026-06-20T17:12:23.228Z
Link: CVE-2026-12799
Updated: 2026-06-22T16:15:58.121Z
No data.