PatchSiren

CVE-2026-49468 BerriAI CVE debrief

CVE-2026-49468 is a critical vulnerability in the LiteLLM proxy server, which acts as an AI Gateway to call LLM APIs in OpenAI or native format. The vulnerability has a CVSS score of 9.5 and was published on June 22, 2026. The issue is fixed in version 1.84.0 of LiteLLM. Users of affected versions should upgrade to 1.84.0 to mitigate the vulnerability. The CVE record and NVD detail provide further information on the vulnerability.

Vendor: BerriAI
Product: litellm
CVSS: CRITICAL 9.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-22
Original CVE updated: 2026-06-24
Advisory published: 2026-06-22
Advisory updated: 2026-06-24

Who should care

Organizations using LiteLLM proxy server versions prior to 1.84.0 should prioritize upgrading to the latest version to prevent exploitation. This vulnerability has a critical CVSS score, indicating a high severity of impact. Security teams and administrators responsible for AI and LLM systems should take immediate action to assess and mitigate this vulnerability.

Technical summary

The LiteLLM proxy server, used as an AI Gateway to call LLM APIs, has a critical vulnerability identified as CVE-2026-49468. It has been assigned a CVSS score of 9.5, indicating a high severity of impact. The issue was published on June 22, 2026, and last modified on June 24, 2026. The vulnerability is fixed in LiteLLM version 1.84.0. The CVSS vector for this vulnerability is CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. The weakness classification associated with this vulnerability is CWE-290.
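The vector above is the only technical detail the record gives, so it is worth reading it mechanically. The following is an added example (not code from the advisory or from the LiteLLM project): it parses the published CVSS v4.0 vector and derives the triage facts a defender cares about; the metric names follow the CVSS v4.0 specification, and the flag names are this example's own.

```python
"""Parse the CVSS v4.0 vector from this debrief into triage flags."""
import re

# The vector string exactly as published in the advisory for CVE-2026-49468.
CVE_2026_49468_VECTOR = (
    "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
    "/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X"
    "/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
)

# The eleven CVSS v4.0 base metrics; every valid vector must carry all of them.
BASE_METRICS = ("AV", "AC", "AT", "PR", "UI", "VC", "VI", "VA", "SC", "SI", "SA")


def parse_cvss4(vector: str) -> dict:
    """Split a CVSS:4.0 vector into a metric -> value dict.
    Raises ValueError on a wrong prefix, a malformed part or a missing base metric."""
    parts = vector.split("/")
    if parts[0] != "CVSS:4.0":
        raise ValueError("not a CVSS v4.0 vector")
    metrics = {}
    for part in parts[1:]:
        # Values are usually one letter, but e.g. U (Provider Urgency) uses words.
        m = re.fullmatch(r"([A-Z]+):([A-Za-z]+)", part)
        if not m:
            raise ValueError(f"malformed metric {part!r}")
        metrics[m.group(1)] = m.group(2)
    missing = [k for k in BASE_METRICS if k not in metrics]
    if missing:
        raise ValueError(f"missing base metrics: {missing}")
    return metrics


def triage_flags(metrics: dict) -> dict:
    """Derive the facts a defender reads off the base and threat metrics."""
    return {
        # Reachable over the network, no privileges, no user interaction needed.
        "remote_unauthenticated": metrics["AV"] == "N" and metrics["PR"] == "N" and metrics["UI"] == "N",
        # AT:P: some deployment or configuration condition must hold for the attack to work.
        "attack_requirements_present": metrics["AT"] == "P",
        # VC/VI/VA all high: full loss of C/I/A on the LiteLLM proxy itself.
        "proxy_fully_compromised": all(metrics[k] == "H" for k in ("VC", "VI", "VA")),
        # SC/SI/SA all high: impact reaches the systems behind the gateway.
        "downstream_systems_affected": all(metrics[k] == "H" for k in ("SC", "SI", "SA")),
        # E:X: exploit maturity not defined, so the published 9.5 reflects base metrics only.
        "exploit_maturity_assessed": metrics.get("E", "X") != "X",
    }


if __name__ == "__main__":
    for name, value in triage_flags(parse_cvss4(CVE_2026_49468_VECTOR)).items():
        print(f"{name}: {value}")
```

The AT:P flag is the one detail that separates this from a plain unauthenticated remote issue: some precondition in the deployment must hold, which is exactly what the compensating-control review in the actions below should establish for your own installation.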

Defensive priority

This vulnerability has a critical CVSS score of 9.5, indicating a high severity of impact. Immediate attention is required to upgrade to version 1.84.0 to mitigate the vulnerability.

Recommended defensive actions

  • Upgrade LiteLLM to version 1.84.0 or later
  • Review and assess the vulnerability's impact on your organization
  • Implement compensating controls to detect and prevent exploitation
  • Monitor for potential exploitation attempts
  • Verify the integrity of your LiteLLM installation

Evidence notes

The CVE record and NVD detail provide information on the vulnerability. The vulnerability is fixed in LiteLLM version 1.84.0. The CVSS score and vector provide a measure of the vulnerability's severity. The CWE-290 weakness is associated with this vulnerability.

Official resources

This article is AI-assisted and based on the supplied source corpus.