Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-12773
PUBLISHED
More InfoOfficial Page
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
View Known Exploited Vulnerability (KEV) details
Published At-21 Jun, 2026 | 03:15
Updated At-30 Jun, 2026 | 12:06
Rejected At-
▼CVE Numbering Authority (CNA)
BerriAI litellm MCP Proxy user_api_key_auth_mcp.py UserAPIKeyAuth improper authentication

A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function UserAPIKeyAuth of the file litellm/proxy/_experimental/mcp_server/auth/user_api_key_auth_mcp.py of the component MCP Proxy. Executing a manipulation can lead to improper authentication. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure.

Affected Products
Vendor
BerriAI
Product
litellm
CPEs
  • cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*
Modules
  • MCP Proxy
Versions
Affected
  • 1.59.0
  • 1.59.1
  • 1.59.2
  • 1.59.3
  • 1.59.4
  • 1.59.5
  • 1.59.6
  • 1.59.7
  • 1.59.8
Problem Types
TypeCWE IDDescription
CWECWE-287Improper Authentication
Type: CWE
CWE ID: CWE-287
Description: Improper Authentication
Metrics
VersionBase scoreBase severityVector
4.06.9MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
3.07.3HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
2.07.5N/A
AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR
Version: 4.0
Base score: 6.9
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Version: 3.0
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Version: 2.0
Base score: 7.5
Base severity: N/A
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

reporter
Eric-c (VulDB User)
coordinator
VulDB CNA Team
Timeline
EventDate
Advisory disclosed2026-06-20 00:00:00
VulDB entry created2026-06-20 02:00:00
VulDB entry last update2026-06-20 11:31:42
Event: Advisory disclosed
Date: 2026-06-20 00:00:00
Event: VulDB entry created
Date: 2026-06-20 02:00:00
Event: VulDB entry last update
Date: 2026-06-20 11:31:42
Replaced By

Rejected Reason

References
HyperlinkResource
https://vuldb.com/vuln/372515
vdb-entry
technical-description
https://vuldb.com/vuln/372515/cti
signature
permissions-required
https://vuldb.com/cve/CVE-2026-12773
third-party-advisory
https://vuldb.com/submit/811282
third-party-advisory
https://gist.github.com/YLChen-007/3cfaad10a69d7a15e4d4d458cb53309e
exploit
Hyperlink: https://vuldb.com/vuln/372515
Resource:
vdb-entry
technical-description
Hyperlink: https://vuldb.com/vuln/372515/cti
Resource:
signature
permissions-required
Hyperlink: https://vuldb.com/cve/CVE-2026-12773
Resource:
third-party-advisory
Hyperlink: https://vuldb.com/submit/811282
Resource:
third-party-advisory
Hyperlink: https://gist.github.com/YLChen-007/3cfaad10a69d7a15e4d4d458cb53309e
Resource:
exploit
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://vuldb.com/submit/811282
exploit
Hyperlink: https://vuldb.com/submit/811282
Resource:
exploit
2. litellm: BerriAI litellm: Improper authentication in MCP Proxy via UserAPIKeyAuth function

A flaw was found in BerriAI litellm, within its MCP Proxy component. A remote attacker could exploit an improper authentication vulnerability in the UserAPIKeyAuth function. This could allow unauthorized access, potentially compromising the confidentiality, integrity, and availability of data within the system.

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
Exploit Intelligence
CPEs
  • cpe:/a:redhat:exploit_intelligence:0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
unaffected
Problem Types
TypeCWE IDDescription
CWECWE-303Incorrect Implementation of Authentication Algorithm
Type: CWE
CWE ID: CWE-303
Description: Incorrect Implementation of Authentication Algorithm
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Red Hat severity rating
value:
Important
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Upgrade to litellm 1.81.16 or later. As a workaround, do not configure backend MCP servers with allow_all_keys: true, and restrict network access to the LiteLLM MCP proxy endpoints.

Exploits

Credits

Timeline
EventDate
Reported to Red Hat.2026-06-21 04:00:49
Made public.2026-06-21 03:15:08
Event: Reported to Red Hat.
Date: 2026-06-21 04:00:49
Event: Made public.
Date: 2026-06-21 03:15:08
Replaced By

Rejected Reason

References
HyperlinkResource
https://access.redhat.com/security/cve/CVE-2026-12773
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2491112
issue-tracking
x_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-12773.json
x_sadp-csaf-vex
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-12773
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2491112
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-12773.json
Resource:
x_sadp-csaf-vex
Details not found