COOEY // HUBcompliance · community · intelligence

FAIL › dossier

litellm vendor

3
failure events
0
zero-days
1
RCEs
2
on KEV
1
critical
85
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 4 events

DateEventSevFlagsShameSummary
2026-06-08 CVE-2026-42271 high ⚡RCE ⌖KEV 85 BerriAI LiteLLM allows authenticated users to execute arbitrary host commands via command injection.
2026-05-08 CVE-2026-42208 high ⌖KEV 65 BerriAI LiteLLM contains a SQL injection vulnerability enabling unauthorized database access and credential theft.
2026-06-22 CVE-2026-49468 critical 35 LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, a Host-header parsing flaw in the LiteLLM proxy could, under specific conditions, allow unauthenticated access to protected management routes. The auth layer derived the effecti
2026-06-22 CVE-2026-49468 critical 35 LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, a Host-header parsing flaw in the LiteLLM proxy could, under specific conditions, allow unauthenticated access to protected management routes. The auth layer derived the effecti