
=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN360
_____________________________________________________________________

DATE                : 08/04/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running litellm (pip) versions prior to
                     1.83.0.

=====================================================================
https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6
https://github.com/BerriAI/litellm/security/advisories/GHSA-53mr-6c8q-9789
https://github.com/BerriAI/litellm/security/advisories/GHSA-69x8-hrgq-fjj8
_____________________________________________________________________


Authentication bypass via OIDC userinfo cache key collision
Critical
jaydns published GHSA-jjhc-v7c2-5hh6 Apr 3, 2026

Package
litellm (pip)

Affected versions
<1.83.0

Patched versions
1.83.0

Description

Impact

When JWT authentication is enabled (enable_jwt_auth: true), the OIDC
userinfo cache is keyed on token[:20], the first 20 characters of the
bearer token. A JWT starts with its base64url-encoded JOSE header, and
every token that carries the same header bytes (for example
{"alg":"RS256","typ":"JWT"}, which encodes to a prefix beginning
eyJhbGciOiJSUzI1NiIs) therefore has identical first 20 characters, so
all tokens from the same issuer collapse onto one cache key.

This configuration option is not enabled by default. Most instances
are not affected.

An unauthenticated attacker can craft a token whose first 20 characters
match a legitimate user's cached token; since the prefix is just the
issuer's standard header, no knowledge of the victim's token is needed,
only that the victim's userinfo entry is still in the cache. On the cache
hit the proxy returns the cached userinfo instead of validating the
forged token, and the attacker inherits the legitimate user's identity
and permissions. This affects deployments with JWT/OIDC authentication
enabled.


Patches

Fixed in v1.83.0. The cache key now uses the full hash of the JWT token.


Workarounds

Disable OIDC userinfo caching by setting the cache TTL to 0, or disable
JWT authentication entirely.
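The collision, the fix (keying on a hash of the whole token) and the workaround (TTL 0 disables caching) in one runnable illustration. This is an added example, not litellm's code: the issuer, the users, the "signature verification" (a lookup against the set of tokens the stand-in issuer actually issued) and the cache class are all constructed for the demo; only the JWT layout and the RS256 header prefix are real.

```python
import base64
import hashlib
import json
import time

# Added illustration, not litellm's code. Issuer, users and cache are constructed.


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_jwt(header: dict, claims: dict, signature: bytes) -> str:
    """Assemble header.payload.signature. The signature bytes are a placeholder;
    'verification' below is simulated by an issuer-side lookup, not real crypto."""
    return ".".join([
        b64url(json.dumps(header, separators=(",", ":")).encode()),
        b64url(json.dumps(claims, separators=(",", ":")).encode()),
        b64url(signature),
    ])


HEADER = {"alg": "RS256", "typ": "JWT"}      # every token from this issuer shares it

ISSUED_TOKENS = {}                            # constructed IdP: token -> userinfo


def issue_token(sub: str) -> str:
    sig = hashlib.sha256(sub.encode()).digest()   # stand-in for a real signature
    token = make_jwt(HEADER, {"sub": sub, "iat": 1_775_000_000}, sig)
    ISSUED_TOKENS[token] = {"sub": sub, "email": f"{sub}@example.org"}
    return token


def verify_and_fetch_userinfo(token: str) -> dict:
    """Simulates signature verification plus the OIDC userinfo round-trip."""
    if token not in ISSUED_TOKENS:
        raise PermissionError("signature verification failed")
    return dict(ISSUED_TOKENS[token])


def vulnerable_key(token: str) -> str:
    return token[:20]                         # pre-1.83.0 keying per the advisory


def fixed_key(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()   # hash of the full token


class UserinfoCache:
    def __init__(self, key_fn, ttl_seconds: float = 300.0):
        self.key_fn = key_fn
        self.ttl = ttl_seconds
        self._store = {}                      # key -> (expires_at, userinfo)

    def get(self, token: str):
        entry = self._store.get(self.key_fn(token))
        if entry and entry[0] > time.monotonic():
            return entry[1]
        return None

    def put(self, token: str, userinfo: dict) -> None:
        if self.ttl <= 0:                     # TTL 0 == caching off (the workaround)
            return
        self._store[self.key_fn(token)] = (time.monotonic() + self.ttl, userinfo)


def authenticate(cache: UserinfoCache, token: str) -> dict:
    """Proxy-side flow: a cache hit short-circuits verification entirely."""
    cached = cache.get(token)
    if cached is not None:
        return cached
    userinfo = verify_and_fetch_userinfo(token)
    cache.put(token, userinfo)
    return userinfo


def attacker_identity(key_fn, ttl_seconds: float = 300.0):
    """Whose identity an attacker holding no valid token ends up with, or None."""
    cache = UserinfoCache(key_fn, ttl_seconds)
    alice_token = issue_token("alice")
    authenticate(cache, alice_token)          # legitimate login populates the cache
    # Attacker's token: same header, made-up payload, garbage signature.
    forged = make_jwt(HEADER, {"sub": "attacker"}, b"\x00" * 32)
    assert forged != alice_token and forged[:20] == alice_token[:20]
    try:
        return authenticate(cache, forged)["sub"]
    except PermissionError:
        return None


if __name__ == "__main__":
    print("token[:20] key     ->", attacker_identity(vulnerable_key))      # alice
    print("sha256(token) key  ->", attacker_identity(fixed_key))           # None
    print("TTL 0, no caching  ->", attacker_identity(vulnerable_key, 0))   # None
```

With the prefix key the forged token lands on alice's entry and is never verified; with a full-token hash, or with caching disabled, the forged token reaches verification and is rejected. Note that the collision does not depend on the attacker guessing anything about alice's token: the 20-character prefix is the same for every RS256 token with that header.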


Severity
Critical
9.4 / 10

CVSS v4 base metrics
Exploitability Metrics
Attack Vector Network
Attack Complexity Low
Attack Requirements Present
Privileges Required None
User interaction None
Vulnerable System Impact Metrics
Confidentiality High
Integrity High
Availability None
Subsequent System Impact Metrics
Confidentiality High
Integrity High
Availability None
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

CVE ID
CVE-2026-35030

Weaknesses
Weakness CWE-287

Credits

    @veria-labs veria-labs Finder

_____________________________________________________________________


Privilege escalation via unrestricted proxy configuration endpoint
High
jaydns published GHSA-53mr-6c8q-9789 Apr 3, 2026

Package
litellm (pip)

Affected versions
<1.83.0

Patched versions
1.83.0


Description

Impact

The /config/update endpoint does not enforce admin role authorization.
Any user already authenticated to the platform, with any role, can use
this endpoint to do the following:

    Modify proxy configuration and environment variables
    Register custom pass-through endpoint handlers pointing to
attacker-controlled Python code, achieving remote code execution
    Read arbitrary server files by setting UI_LOGO_PATH and fetching
via /get_image
    Take over other privileged accounts by overwriting the UI_USERNAME and
UI_PASSWORD environment variables
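Since there is no configuration-level workaround, the useful check on an unpatched deployment is to hunt for abuse of the endpoint. The script below is an added example, not part of the advisory or of litellm: it flags POST /config/update calls made by any key whose role is not proxy_admin, and correlates a follow-on GET /get_image by the same key (the UI_LOGO_PATH file-read primitive above). The JSON-lines log format and field names (ts, method, path, user_role, key_alias, status) are constructed for the demo; map them to whatever your proxy or reverse proxy actually logs.

```python
import json
from datetime import datetime, timedelta

# Added example, not litellm's code. Log format below is constructed for the demo.

ADMIN_ONLY = {("POST", "/config/update")}        # endpoint named in the advisory
PRIVILEGED_ROLES = {"proxy_admin"}
FOLLOW_ON_READ = ("GET", "/get_image")           # second half of the file-read chain
CORRELATION_WINDOW = timedelta(minutes=10)

# Constructed sample: an admin's legitimate write, then a non-admin key writing
# config and immediately fetching /get_image, plus one malformed line.
SAMPLE_LOG = """\
{"ts":"2026-04-03T10:01:02Z","method":"POST","path":"/config/update","user_role":"proxy_admin","key_alias":"ops-bot","status":200}
{"ts":"2026-04-03T10:05:41Z","method":"POST","path":"/config/update","user_role":"internal_user","key_alias":"team-a-dev","status":200}
this line is not json
{"ts":"2026-04-03T10:06:00Z","method":"GET","path":"/get_image","user_role":"internal_user","key_alias":"team-a-dev","status":200}
{"ts":"2026-04-03T10:07:15Z","method":"POST","path":"/chat/completions","user_role":"internal_user","key_alias":"team-a-dev","status":200}
"""


def parse_lines(text: str):
    """Yield parsed records; malformed lines are skipped rather than aborting the hunt."""
    for raw in text.splitlines():
        raw = raw.strip()
        if not raw:
            continue
        try:
            rec = json.loads(raw)
            rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
        except (ValueError, KeyError, TypeError):
            continue
        yield rec


def hunt(text: str) -> list:
    """Return findings for non-admin config writes and the config->get_image chain."""
    findings = []
    last_write = {}                               # key_alias -> ts of last flagged write
    for rec in parse_lines(text):
        action = (rec.get("method"), rec.get("path"))
        key = rec.get("key_alias", "<unknown>")
        if action in ADMIN_ONLY and rec.get("user_role") not in PRIVILEGED_ROLES:
            findings.append({"rule": "non_admin_config_update", "key": key,
                             "role": rec.get("user_role"), "ts": rec["ts"].isoformat()})
            last_write[key] = rec["ts"]
        elif action == FOLLOW_ON_READ and key in last_write:
            if rec["ts"] - last_write[key] <= CORRELATION_WINDOW:
                findings.append({"rule": "config_update_then_get_image", "key": key,
                                 "ts": rec["ts"].isoformat()})
    return findings


if __name__ == "__main__":
    for f in hunt(SAMPLE_LOG):
        print(f)
```

The first rule is the direct indicator (pre-1.83.0 the call succeeds with status 200 for any role); the second raises confidence that a write was the UI_LOGO_PATH read primitive rather than a misconfigured automation. Extend the correlation to new pass-through routes appearing after a flagged write if your logs record route registration.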


Patches

Fixed in v1.83.0. The endpoint now requires proxy_admin role.


Workarounds

Restrict API key distribution. There is no configuration-level
workaround.


Severity
High
8.7 / 10

CVSS v4 base metrics
Exploitability Metrics
Attack Vector Network
Attack Complexity Low
Attack Requirements None
Privileges Required Low
User interaction None
Vulnerable System Impact Metrics
Confidentiality High
Integrity High
Availability High
Subsequent System Impact Metrics
Confidentiality Low
Integrity Low
Availability None
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N

CVE ID
CVE-2026-35029

Weaknesses
No CWEs



_____________________________________________________________________


Password hash exposure and pass-the-hash authentication bypass
High
jaydns published GHSA-69x8-hrgq-fjj8 Apr 4, 2026

Package
litellm (pip)

Affected versions
<1.83.0

Patched versions
1.83.0


Description

Impact

Three issues combine into a full authentication bypass chain:

    Weak hashing: User passwords are stored as unsalted SHA-256 hashes.
Without a salt, precomputed (rainbow) tables apply directly, and any two
users with the same password have the same stored hash.
    Hash exposure: Multiple API endpoints
(/user/info, /user/update, /spend/users) return the password hash field
in responses to any authenticated user regardless of role. Plaintext
passwords could also potentially be exposed in certain scenarios.
    Pass-the-hash: The /v2/login endpoint accepts the raw SHA-256 hash
as a valid password without re-hashing, allowing direct login with a
stolen hash.

An already authenticated user can retrieve another user's password hash
from the API and use it to log in as that user. This enables full
privilege escalation in three HTTP requests: one to read the hash, one to
log in with it, and one to act as the victim.


Patches

Fixed in v1.83.0. Passwords are now hashed with scrypt
(random 16-byte salt, n=16384, r=8, p=1). Password hashes are stripped
from all API responses. Existing SHA-256 hashes are transparently migrated
on next login.
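The three defects and the fix as the advisory describes it, side by side, in an added example that is not litellm's code. The legacy check is a reconstruction of the behaviour the advisory reports (the stored hash is accepted as if it were the password), not the project's actual login code; the user records are constructed. The hardened path uses hashlib.scrypt with the parameters quoted above, re-hashes only the supplied plaintext so a leaked digest is never a usable credential, migrates a legacy record on a successful login, and strips the hash from API output.

```python
import hashlib
import hmac
import os

# Added illustration, not litellm's code. User records are constructed.

SCRYPT_N, SCRYPT_R, SCRYPT_P = 16384, 8, 1       # parameters quoted in the advisory
SCRYPT_MAXMEM = 64 * 1024 * 1024                # headroom above the ~16 MiB scrypt needs
SENSITIVE_FIELDS = {"password"}


def legacy_sha256(password: str) -> str:
    """Pre-1.83.0 storage: fast, unsalted digest."""
    return hashlib.sha256(password.encode()).hexdigest()


def scrypt_hash(password: str, salt: bytes = None) -> str:
    salt = salt or os.urandom(16)                # random 16-byte salt per record
    digest = hashlib.scrypt(password.encode(), salt=salt, n=SCRYPT_N, r=SCRYPT_R,
                            p=SCRYPT_P, maxmem=SCRYPT_MAXMEM)
    return f"scrypt${salt.hex()}${digest.hex()}"


def make_legacy_user(user_id: str, password: str, role: str = "internal_user") -> dict:
    return {"user_id": user_id, "user_role": role, "password": legacy_sha256(password)}


def vulnerable_login(record: dict, supplied: str) -> bool:
    """Reconstruction of the reported defect: the raw stored hash is accepted
    as a valid password, so a leaked hash logs in directly (pass-the-hash)."""
    stored = record["password"]
    return supplied == stored or legacy_sha256(supplied) == stored


def verify_and_migrate(record: dict, supplied: str) -> bool:
    """Hardened check: only the supplied plaintext is ever hashed and compared.
    A legacy record that verifies is rewritten to scrypt on the spot."""
    stored = record["password"]
    if stored.startswith("scrypt$"):
        _, salt_hex, digest_hex = stored.split("$")
        candidate = hashlib.scrypt(supplied.encode(), salt=bytes.fromhex(salt_hex),
                                   n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, maxmem=SCRYPT_MAXMEM)
        return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))
    # Legacy SHA-256 record: compare sha256(plaintext), never the raw input itself.
    if hmac.compare_digest(legacy_sha256(supplied), stored):
        record["password"] = scrypt_hash(supplied)   # transparent migration on login
        return True
    return False


def public_view(record: dict) -> dict:
    """What /user/info and friends should return: no password field at all."""
    return {k: v for k, v in record.items() if k not in SENSITIVE_FIELDS}


def pass_the_hash(login, victim: dict) -> bool:
    """Attacker chain: read the victim's hash from an API response, submit it as
    the password. Returns True if the login accepts it."""
    leaked = victim["password"]                 # what the vulnerable endpoints exposed
    return login(victim, leaked)


if __name__ == "__main__":
    admin = make_legacy_user("admin", "correct horse battery staple", "proxy_admin")
    print("pass-the-hash, vulnerable:", pass_the_hash(vulnerable_login, admin))     # True
    print("pass-the-hash, hardened:  ", pass_the_hash(verify_and_migrate, admin))   # False
    print("real password, hardened:  ", verify_and_migrate(admin, "correct horse battery staple"))
    print("record after migration:   ", public_view(admin), admin["password"][:14])
```

The ordering matters: pass-the-hash against the hardened check is rejected before and after migration, because the legacy branch hashes the input and the scrypt branch hashes it with the stored salt; in neither case does the stored string itself pass. Two users with the same password get different scrypt strings thanks to the per-record salt, which removes the "identical hash means identical password" leak as well.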


Severity
High
8.6 / 10

CVSS v4 base metrics
Exploitability Metrics
Attack Vector Network
Attack Complexity Low
Attack Requirements None
Privileges Required Low
User interaction None
Vulnerable System Impact Metrics
Confidentiality High
Integrity High
Availability None
Subsequent System Impact Metrics
Confidentiality None
Integrity None
Availability None
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

CVE ID
No known CVE

Weaknesses
No CWEs



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================




