PatchSiren cyber security CVE debrief
CVE-2026-35030 BerriAI CVE debrief
CVE-2026-35030 is a critical vulnerability in LiteLLM, a proxy server for LLM APIs, allowing unauthenticated attackers to bypass JWT authentication and inherit legitimate user identities and permissions. This issue arises from the use of token[:20] as the cache key for OIDC userinfo cache when JWT authentication is enabled. The vulnerability affects deployments with JWT/OIDC authentication enabled and is fixed in version 1.83.0. The CVSS score for this vulnerability is 9.4, indicating a critical severity. LiteLLM instances with JWT authentication enabled are potentially vulnerable to exploitation.
- Vendor
- BerriAI
- Product
- litellm
- CVSS
- CRITICAL 9.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-06
- Original CVE updated
- 2026-06-30
- Advisory published
- 2026-04-06
- Advisory updated
- 2026-06-30
Who should care
Organizations using LiteLLM with JWT/OIDC authentication enabled should prioritize patching to version 1.83.0 or later. Security teams and administrators responsible for LLM API proxy servers should assess their exposure and take immediate action to protect against potential exploitation.
Technical summary
The vulnerability in LiteLLM arises from the implementation of JWT authentication. When enable_jwt_auth is set to true, the OIDC userinfo cache uses a truncated version of the JWT token (token[:20]) as the cache key. Since JWT headers produced by the same signing algorithm have identical first 20 characters, an attacker can craft a token that matches a legitimate user's cached token. Upon cache hit, the attacker gains the legitimate user's identity and permissions. This vulnerability is particularly severe as it allows for unauthenticated access and has a high CVSS score of 9.4.
Defensive priority
Immediate patching to version 1.83.0 or later is crucial for organizations using LiteLLM with JWT/OIDC authentication. In the interim, defenders should review their configurations and monitor for suspicious activity.
Recommended defensive actions
- Patch LiteLLM to version 1.83.0 or later immediately.
- Review and adjust JWT/OIDC authentication configurations to enhance security.
- Monitor for suspicious activity and potential exploitation attempts.
- Assess the scope of affected deployments and prioritize remediation.
- Implement compensating controls, such as additional authentication layers, if patching is not feasible in the short term.
Evidence notes
The CVE record and NVD detail provide official information on the vulnerability. Vendor advisories and mitigation strategies are available through GitHub and Red Hat errata. The vulnerability's critical severity and potential for exploitation necessitate swift action.
Official resources
-
CVE-2026-35030 CVE record
CVE.org
-
CVE-2026-35030 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Mitigation, Vendor Advisory
-
Source reference
0b0ca135-0b70-47e7-9f44-1890c2a1c46c
-
Source reference
0b0ca135-0b70-47e7-9f44-1890c2a1c46c
-
Source reference
0b0ca135-0b70-47e7-9f44-1890c2a1c46c
-
Source reference
0b0ca135-0b70-47e7-9f44-1890c2a1c46c
-
Source reference
0b0ca135-0b70-47e7-9f44-1890c2a1c46c
-
Source reference
0b0ca135-0b70-47e7-9f44-1890c2a1c46c
This article is AI-assisted and based on the supplied source corpus.