{"uuid": "5c5b13b3-842c-4d7c-89a8-6a403e17b3f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12774", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3moy4qdky5q2g", "content": "cve-2026-12774 appears to be SSRF in BerriAI litellm rest_endpoints.py _execute_with_mcp_client when attacker-controlled URLs are accepted; block metadata and link-local ranges like 169.254.169.254, enforce a strict host allowlist and validate URL schemes.", "creation_timestamp": "2026-06-23T19:22:05.595333Z"}