CVE-2026-59822
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoin
CVSS
8.2
Alto
EPSS
0.2%
p15
KEV
—
Exploit Today
5
0-100
Publicado: 8 jul 2026 · Última mod.: 13 jul 2026 · CWE-287 · CWE-306
0.2%EPSS · 30 días0.3%
2026-07-092026-07-18
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoint allowed an unauthenticated attacker to use a fabricated Authorization header to trigger an OAuth2 passthrough fallback path that replaced failed LiteLLM key validation with an empty UserAPIKeyAuth() object, allowing requests to reach MCP tooling without a valid LiteLLM key. This issue is fixed in version 1.84.0.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2025-32489.8 CRÍ100.0%
KEV—80Langflow Missing Authentication Vulnerability5dCVE-2024-116809.8 CRÍ99.8%
KEV—80ProjectSend Improper Authentication Vulnerability5dCVE-2026-561645.3 MED92.0%
KEV—78Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability5dCVE-2026-468179.8 CRÍ60.3%
KEV—68Oracle E-Business Suite Improper Privilege Management Vulnerability3dCVE-2023-278239.8 CRÍ98.9%
——30An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials.11dCVE-2022-245629.8 CRÍ98.9%
——30In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.11d