CVE-2026-47101

LiteLLM < 1.83.14 Privilege Escalation via API Key Generation

CVSS 8.7 HIGHEPSS 0.6%CWE-863

LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored without verifying that the specified routes fall within the user's own permissions. A key created with access to admin-only routes can then be used to reach those routes successfully, bypassing the role-based access controls that would otherwise block the request, enabling full privilege escalation from internal_user to proxy_admin.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

BerriAI · litellm

public PoCs found — 5

githubgithub.com/learner202649/CVE-2026-47101-PoC★ 0 githubgithub.com/HORKimhab/CVE-LiteLLM★ 0 cve_referencegist.github.com/13ph03nix/9ec616e1fdc77b3673509c60206e827funverified cve_referencehuntr.com/bounties/8e75edfb-ff05-4e63-bfca-2d93d03fb3b9unverified cve_referencewww.obsidiansecurity.com/blog/litellm-privilege-escalation-rceunverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gist.github.com/13ph03nix/9ec616e1fdc77b3673509c60206e827f https://github.com/BerriAI/litellm/commit/2220f3076ac89bd2a2e3439acf57dcfbec2434c9 https://github.com/BerriAI/litellm/commit/5190bd07eb23a037745d86328096f54378f1614a https://github.com/BerriAI/litellm/commit/d910a95661fce3cdd36f3b06c03ecf9c46c6457c https://github.com/BerriAI/litellm/releases/tag/v1.83.14-stable https://huntr.com/bounties/8e75edfb-ff05-4e63-bfca-2d93d03fb3b9 https://www.obsidiansecurity.com/blog/litellm-privilege-escalation-rce https://www.vulncheck.com/advisories/litellm-privilege-escalation-via-api-key-generation