GHSA-JJHC-V7C2-5HH6
Vulnerability from github – Published: 2026-04-03 21:59 – Updated: 2026-04-06 23:40
Impact
When JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters.
This configuration option is not enabled by default. Most instances are not affected.
An unauthenticated attacker can craft a token whose first 20 characters match a legitimate user's cached token. On cache hit, the attacker inherits the legitimate user's identity and permissions. This affects deployments with JWT/OIDC authentication enabled.
Patches
Fixed in v1.83.0. The cache key now uses the full hash of the JWT token.
Workarounds
Disable OIDC userinfo caching by setting the cache TTL to 0, or disable JWT authentication entirely.
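The collision and the fix described above can be checked with a small regression test. This is an added example, not LiteLLM's code: the `UserinfoCache` class, the function names, the sample tokens and the choice of SHA-256 as the "full hash" are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json


def b64url(data: bytes) -> str:
    """Base64url without padding, as used in JWT compact serialization."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_token(claims: dict, key: bytes) -> str:
    """Build an HS256 JWT-shaped token (constructed sample input)."""
    header = b64url(
        json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode()
    )
    payload = b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{payload}".encode()
    sig = b64url(hmac.new(key, signing_input, hashlib.sha256).digest())
    return f"{header}.{payload}.{sig}"


def prefix_key(token: str) -> str:
    """Cache key as described for affected versions: token[:20]."""
    return token[:20]


def hashed_key(token: str) -> str:
    """Cache key over the whole token (SHA-256 is an assumption here)."""
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


class UserinfoCache:
    """Hypothetical stand-in for an OIDC userinfo cache."""

    def __init__(self, key_fn):
        self._key_fn = key_fn
        self._store = {}

    def put(self, token: str, userinfo: dict) -> None:
        self._store[self._key_fn(token)] = userinfo

    def get(self, token: str):
        return self._store.get(self._key_fn(token))


def demo():
    """Cache one user's userinfo, then look up a different token."""
    alice_info = {"sub": "alice", "role": "admin"}
    # Both tokens are constructed; they share only the JWT header.
    alice = make_token(alice_info, b"constructed-idp-key")
    other = make_token({"sub": "someone-else"}, b"unrelated-key")

    results = {}
    for name, key_fn in (("prefix", prefix_key), ("hashed", hashed_key)):
        cache = UserinfoCache(key_fn)
        cache.put(alice, alice_info)
        # A different token must never resolve to alice's entry.
        results[name] = cache.get(other)
    return alice, other, results


if __name__ == "__main__":
    alice, other, results = demo()
    print("header length:", len(alice.split(".")[0]))
    print("prefix keys equal:", prefix_key(alice) == prefix_key(other))
    print("lookup with prefix key:", results["prefix"])
    print("lookup with hashed key:", results["hashed"])
```

The base64url header for `{"alg":"HS256","typ":"JWT"}` is 36 characters long, so a 20-character prefix never reaches the payload or the signature; any key function that does not cover the whole token fails the same check.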
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "litellm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.83.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-35030"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-03T21:59:50Z",
"nvd_published_at": "2026-04-06T17:17:12Z",
"severity": "CRITICAL"
},
"details": "### Impact\n\nWhen JWT authentication is enabled (`enable_jwt_auth: true`), the OIDC userinfo cache uses `token[:20]` as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters.\n\nThis configuration option is not enabled by default. **Most instances are not affected.**\n\nAn unauthenticated attacker can craft a token whose first 20 characters match a legitimate user\u0027s cached token. On cache hit, the attacker inherits the legitimate user\u0027s identity and permissions. This affects deployments with JWT/OIDC authentication enabled.\n\n### Patches\n\nFixed in v1.83.0. The cache key now uses the full hash of the JWT token.\n\n### Workarounds\n\nDisable OIDC userinfo caching by setting the cache TTL to 0, or disable JWT authentication entirely.",
"id": "GHSA-jjhc-v7c2-5hh6",
"modified": "2026-04-06T23:40:39Z",
"published": "2026-04-03T21:59:50Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35030"
},
{
"type": "PACKAGE",
"url": "https://github.com/BerriAI/litellm"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
"type": "CVSS_V4"
}
],
"summary": "LiteLLM: Authentication bypass via OIDC userinfo cache key collision"
}
cleanstart-2026-az09261
Vulnerability from cleanstart
Multiple security vulnerabilities affect the airflow-3 package. These issues are resolved in later releases. See references for individual vulnerability details.
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "airflow-3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.1-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the airflow-3 package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AZ09261",
"modified": "2026-06-07T16:45:03Z",
"published": "2026-06-08T12:29:23.792179Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AZ09261.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46136"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-12797"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-34069"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-49766"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-49767"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-62727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-66221"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-0994"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-21860"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-22815"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25645"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26007"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27199"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27448"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27459"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-30922"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-31958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32597"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34073"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34513"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34514"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34516"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34517"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34518"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34519"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34520"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34525"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35536"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-40217"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-40347"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41016"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41018"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41066"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42561"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44307"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44405"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44431"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44432"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-45309"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4539"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-45409"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48522"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48523"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48524"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48525"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48526"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48710"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-8328"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-8838"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-29h4-r29x-hchv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-29vq-49wr-vm6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2g68-c3qc-8985"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2vrm-gr82-f7m5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3wq7-rqq7-wx6j"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5239-wwwm-4pmq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-53mr-6c8q-9789"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-63hf-3vf5-4wqf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-68rp-wp8r-4726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-752w-5fwx-jx9f"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78cv-mqj4-43f7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-79v4-65xg-pq4g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7f5h-v6xp-fcq8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7gcm-g887-7qv7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-87hc-h4r5-73f7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-966j-vmvw-g2g9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c427-h43c-vf67"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f9vj-2wh5-fj8j"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fqwm-6jpj-5wxc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-gc5v-m9x4-r6x2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h4gh-qq45-vh27"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcc4-c3v8-rx92"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hg6j-4rv6-33pg"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hgf8-39gv-g3f2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hrfv-mqp8-q5rw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jj8c-mmj3-mmgv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jjhc-v7c2-5hh6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jr27-m4p2-rc6r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m5qp-6w8w-w647"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m959-cc7f-wv43"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mj87-hwqh-73pj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mwh4-6h8g-pg8w"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p998-jp59-783m"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q34m-jh98-gwm2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qjxf-f2mg-c6mc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r6ph-v2qm-q3c2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v92g-xgxw-vvmm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vfmq-68hx-4jfw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w2fm-2cpv-w7v5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xqmj-j6mv-4862"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46136"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12797"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34069"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49766"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49767"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66221"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21860"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22815"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25645"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26007"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27199"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27448"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30922"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32597"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34073"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34513"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34514"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34516"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34517"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34518"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34519"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34520"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34525"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35536"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40217"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40347"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41016"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41018"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41066"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42561"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44307"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44405"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45309"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4539"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45409"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48522"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48523"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48524"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48525"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48710"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8328"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8838"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2023-46136, CVE-2024-12797, CVE-2024-34069, CVE-2024-49766, CVE-2024-49767, CVE-2025-62727, CVE-2025-66221, CVE-2026-0994, CVE-2026-21860, CVE-2026-22815, CVE-2026-25645, CVE-2026-26007, CVE-2026-27199, CVE-2026-27205, CVE-2026-27448, CVE-2026-27459, CVE-2026-30922, CVE-2026-31958, CVE-2026-32597, CVE-2026-34073, CVE-2026-34513, CVE-2026-34514, CVE-2026-34515, CVE-2026-34516, CVE-2026-34517, CVE-2026-34518, CVE-2026-34519, CVE-2026-34520, CVE-2026-34525, CVE-2026-35536, CVE-2026-40217, CVE-2026-40347, CVE-2026-41016, CVE-2026-41018, CVE-2026-41066, CVE-2026-42561, CVE-2026-44307, CVE-2026-44405, CVE-2026-44431, CVE-2026-44432, CVE-2026-44681, CVE-2026-45309, CVE-2026-4539, CVE-2026-45409, CVE-2026-48522, CVE-2026-48523, CVE-2026-48524, CVE-2026-48525, CVE-2026-48526, CVE-2026-48710, CVE-2026-8328, CVE-2026-8838, ghsa-29h4-r29x-hchv, ghsa-29vq-49wr-vm6x, ghsa-2g68-c3qc-8985, ghsa-2vrm-gr82-f7m5, ghsa-3wq7-rqq7-wx6j, ghsa-5239-wwwm-4pmq, ghsa-53mr-6c8q-9789, ghsa-63hf-3vf5-4wqf, ghsa-68rp-wp8r-4726, ghsa-752w-5fwx-jx9f, ghsa-78cv-mqj4-43f7, ghsa-79v4-65xg-pq4g, ghsa-7f5h-v6xp-fcq8, ghsa-7gcm-g887-7qv7, ghsa-87hc-h4r5-73f7, ghsa-966j-vmvw-g2g9, ghsa-c427-h43c-vf67, ghsa-f9vj-2wh5-fj8j, ghsa-fqwm-6jpj-5wxc, ghsa-gc5v-m9x4-r6x2, ghsa-h4gh-qq45-vh27, ghsa-hcc4-c3v8-rx92, ghsa-hg6j-4rv6-33pg, ghsa-hgf8-39gv-g3f2, ghsa-hrfv-mqp8-q5rw, ghsa-jj8c-mmj3-mmgv, ghsa-jjhc-v7c2-5hh6, ghsa-jr27-m4p2-rc6r, ghsa-m5qp-6w8w-w647, ghsa-m959-cc7f-wv43, ghsa-mj87-hwqh-73pj, ghsa-mwh4-6h8g-pg8w, ghsa-p998-jp59-783m, ghsa-q34m-jh98-gwm2, ghsa-qjxf-f2mg-c6mc, ghsa-r6ph-v2qm-q3c2, ghsa-v92g-xgxw-vvmm, ghsa-vfmq-68hx-4jfw, ghsa-w2fm-2cpv-w7v5, ghsa-xqmj-j6mv-4862 applied in versions: 3.2.0-r0, 3.2.0-r1, 3.2.1-r2, 3.2.1-r3",
"upstream": [
"CVE-2023-46136",
"CVE-2024-12797",
"CVE-2024-34069",
"CVE-2024-49766",
"CVE-2024-49767",
"CVE-2025-62727",
"CVE-2025-66221",
"CVE-2026-0994",
"CVE-2026-21860",
"CVE-2026-22815",
"CVE-2026-25645",
"CVE-2026-26007",
"CVE-2026-27199",
"CVE-2026-27205",
"CVE-2026-27448",
"CVE-2026-27459",
"CVE-2026-30922",
"CVE-2026-31958",
"CVE-2026-32597",
"CVE-2026-34073",
"CVE-2026-34513",
"CVE-2026-34514",
"CVE-2026-34515",
"CVE-2026-34516",
"CVE-2026-34517",
"CVE-2026-34518",
"CVE-2026-34519",
"CVE-2026-34520",
"CVE-2026-34525",
"CVE-2026-35536",
"CVE-2026-40217",
"CVE-2026-40347",
"CVE-2026-41016",
"CVE-2026-41018",
"CVE-2026-41066",
"CVE-2026-42561",
"CVE-2026-44307",
"CVE-2026-44405",
"CVE-2026-44431",
"CVE-2026-44432",
"CVE-2026-44681",
"CVE-2026-45309",
"CVE-2026-4539",
"CVE-2026-45409",
"CVE-2026-48522",
"CVE-2026-48523",
"CVE-2026-48524",
"CVE-2026-48525",
"CVE-2026-48526",
"CVE-2026-48710",
"CVE-2026-8328",
"CVE-2026-8838",
"ghsa-29h4-r29x-hchv",
"ghsa-29vq-49wr-vm6x",
"ghsa-2g68-c3qc-8985",
"ghsa-2vrm-gr82-f7m5",
"ghsa-3wq7-rqq7-wx6j",
"ghsa-5239-wwwm-4pmq",
"ghsa-53mr-6c8q-9789",
"ghsa-63hf-3vf5-4wqf",
"ghsa-68rp-wp8r-4726",
"ghsa-752w-5fwx-jx9f",
"ghsa-78cv-mqj4-43f7",
"ghsa-79v4-65xg-pq4g",
"ghsa-7f5h-v6xp-fcq8",
"ghsa-7gcm-g887-7qv7",
"ghsa-87hc-h4r5-73f7",
"ghsa-966j-vmvw-g2g9",
"ghsa-c427-h43c-vf67",
"ghsa-f9vj-2wh5-fj8j",
"ghsa-fqwm-6jpj-5wxc",
"ghsa-gc5v-m9x4-r6x2",
"ghsa-h4gh-qq45-vh27",
"ghsa-hcc4-c3v8-rx92",
"ghsa-hg6j-4rv6-33pg",
"ghsa-hgf8-39gv-g3f2",
"ghsa-hrfv-mqp8-q5rw",
"ghsa-jj8c-mmj3-mmgv",
"ghsa-jjhc-v7c2-5hh6",
"ghsa-jr27-m4p2-rc6r",
"ghsa-m5qp-6w8w-w647",
"ghsa-m959-cc7f-wv43",
"ghsa-mj87-hwqh-73pj",
"ghsa-mwh4-6h8g-pg8w",
"ghsa-p998-jp59-783m",
"ghsa-q34m-jh98-gwm2",
"ghsa-qjxf-f2mg-c6mc",
"ghsa-r6ph-v2qm-q3c2",
"ghsa-v92g-xgxw-vvmm",
"ghsa-vfmq-68hx-4jfw",
"ghsa-w2fm-2cpv-w7v5",
"ghsa-xqmj-j6mv-4862"
]
}
cleanstart-2026-mr94452
Vulnerability from cleanstart
Multiple security vulnerabilities affect the airflow-3 package. These issues are resolved in later releases. See references for individual vulnerability details.
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "airflow-3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.8-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the airflow-3 package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MR94452",
"modified": "2026-06-07T16:45:27Z",
"published": "2026-06-08T12:29:26.603264Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MR94452.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46136"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-12797"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-34069"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-49766"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-49767"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-62727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-66221"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-0994"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-21860"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-22815"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25645"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26007"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27199"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27448"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27459"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-30922"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-31958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32597"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34073"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34513"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34514"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34516"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34517"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34518"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34519"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34520"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34525"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35536"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-40217"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-40347"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41066"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44307"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44431"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44432"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-45309"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4539"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48522"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48523"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48524"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48525"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48526"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-48710"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-8838"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-29h4-r29x-hchv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-29vq-49wr-vm6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2g68-c3qc-8985"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2h4p-vjrc-8xpq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2vrm-gr82-f7m5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3wq7-rqq7-wx6j"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5239-wwwm-4pmq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-53mr-6c8q-9789"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-63hf-3vf5-4wqf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-68rp-wp8r-4726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-752w-5fwx-jx9f"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78cv-mqj4-43f7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-79v4-65xg-pq4g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7f5h-v6xp-fcq8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7gcm-g887-7qv7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-87hc-h4r5-73f7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-966j-vmvw-g2g9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c427-h43c-vf67"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f9vj-2wh5-fj8j"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fqwm-6jpj-5wxc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-g794-3fmp-753h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-gc5v-m9x4-r6x2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h4gh-qq45-vh27"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcc4-c3v8-rx92"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hgf8-39gv-g3f2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hrfv-mqp8-q5rw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jj8c-mmj3-mmgv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jjhc-v7c2-5hh6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jr27-m4p2-rc6r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m5qp-6w8w-w647"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m959-cc7f-wv43"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mf9v-mfxr-j63j"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mj87-hwqh-73pj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mwh4-6h8g-pg8w"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p998-jp59-783m"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q34m-jh98-gwm2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qccp-gfcp-xxvc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qjxf-f2mg-c6mc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r6ph-v2qm-q3c2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r95x-qfjj-fjj2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v92g-xgxw-vvmm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vfmq-68hx-4jfw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w2fm-2cpv-w7v5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wxxx-gvqv-xp7p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xqmj-j6mv-4862"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46136"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12797"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34069"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49766"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49767"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66221"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21860"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22815"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25645"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26007"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27199"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27448"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30922"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32597"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34073"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34513"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34514"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34516"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34517"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34518"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34519"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34520"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34525"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35536"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40217"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40347"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41066"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44307"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45309"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4539"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48522"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48523"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48524"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48525"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48710"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8838"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2023-46136, CVE-2024-12797, CVE-2024-34069, CVE-2024-49766, CVE-2024-49767, CVE-2025-62727, CVE-2025-66221, CVE-2026-0994, CVE-2026-21860, CVE-2026-22815, CVE-2026-25645, CVE-2026-26007, CVE-2026-27199, CVE-2026-27205, CVE-2026-27448, CVE-2026-27459, CVE-2026-30922, CVE-2026-31958, CVE-2026-32597, CVE-2026-34073, CVE-2026-34513, CVE-2026-34514, CVE-2026-34515, CVE-2026-34516, CVE-2026-34517, CVE-2026-34518, CVE-2026-34519, CVE-2026-34520, CVE-2026-34525, CVE-2026-35536, CVE-2026-40217, CVE-2026-40347, CVE-2026-41066, CVE-2026-44307, CVE-2026-44431, CVE-2026-44432, CVE-2026-44681, CVE-2026-45309, CVE-2026-4539, CVE-2026-48522, CVE-2026-48523, CVE-2026-48524, CVE-2026-48525, CVE-2026-48526, CVE-2026-48710, CVE-2026-8838, ghsa-29h4-r29x-hchv, ghsa-29vq-49wr-vm6x, ghsa-2g68-c3qc-8985, ghsa-2h4p-vjrc-8xpq, ghsa-2vrm-gr82-f7m5, ghsa-3wq7-rqq7-wx6j, ghsa-5239-wwwm-4pmq, ghsa-53mr-6c8q-9789, ghsa-63hf-3vf5-4wqf, ghsa-68rp-wp8r-4726, ghsa-752w-5fwx-jx9f, ghsa-78cv-mqj4-43f7, ghsa-79v4-65xg-pq4g, ghsa-7f5h-v6xp-fcq8, ghsa-7gcm-g887-7qv7, ghsa-87hc-h4r5-73f7, ghsa-966j-vmvw-g2g9, ghsa-c427-h43c-vf67, ghsa-f9vj-2wh5-fj8j, ghsa-fqwm-6jpj-5wxc, ghsa-g794-3fmp-753h, ghsa-gc5v-m9x4-r6x2, ghsa-h4gh-qq45-vh27, ghsa-hcc4-c3v8-rx92, ghsa-hgf8-39gv-g3f2, ghsa-hrfv-mqp8-q5rw, ghsa-jj8c-mmj3-mmgv, ghsa-jjhc-v7c2-5hh6, ghsa-jr27-m4p2-rc6r, ghsa-m5qp-6w8w-w647, ghsa-m959-cc7f-wv43, ghsa-mf9v-mfxr-j63j, ghsa-mj87-hwqh-73pj, ghsa-mwh4-6h8g-pg8w, ghsa-p998-jp59-783m, ghsa-q34m-jh98-gwm2, ghsa-qccp-gfcp-xxvc, ghsa-qjxf-f2mg-c6mc, ghsa-r6ph-v2qm-q3c2, ghsa-r95x-qfjj-fjj2, ghsa-v92g-xgxw-vvmm, ghsa-vfmq-68hx-4jfw, ghsa-w2fm-2cpv-w7v5, ghsa-wxxx-gvqv-xp7p, ghsa-xqmj-j6mv-4862 applied in versions: 3.1.8-r0, 3.1.8-r1, 3.1.8-r2, 3.1.8-r3",
"upstream": [
"CVE-2023-46136",
"CVE-2024-12797",
"CVE-2024-34069",
"CVE-2024-49766",
"CVE-2024-49767",
"CVE-2025-62727",
"CVE-2025-66221",
"CVE-2026-0994",
"CVE-2026-21860",
"CVE-2026-22815",
"CVE-2026-25645",
"CVE-2026-26007",
"CVE-2026-27199",
"CVE-2026-27205",
"CVE-2026-27448",
"CVE-2026-27459",
"CVE-2026-30922",
"CVE-2026-31958",
"CVE-2026-32597",
"CVE-2026-34073",
"CVE-2026-34513",
"CVE-2026-34514",
"CVE-2026-34515",
"CVE-2026-34516",
"CVE-2026-34517",
"CVE-2026-34518",
"CVE-2026-34519",
"CVE-2026-34520",
"CVE-2026-34525",
"CVE-2026-35536",
"CVE-2026-40217",
"CVE-2026-40347",
"CVE-2026-41066",
"CVE-2026-44307",
"CVE-2026-44431",
"CVE-2026-44432",
"CVE-2026-44681",
"CVE-2026-45309",
"CVE-2026-4539",
"CVE-2026-48522",
"CVE-2026-48523",
"CVE-2026-48524",
"CVE-2026-48525",
"CVE-2026-48526",
"CVE-2026-48710",
"CVE-2026-8838",
"ghsa-29h4-r29x-hchv",
"ghsa-29vq-49wr-vm6x",
"ghsa-2g68-c3qc-8985",
"ghsa-2h4p-vjrc-8xpq",
"ghsa-2vrm-gr82-f7m5",
"ghsa-3wq7-rqq7-wx6j",
"ghsa-5239-wwwm-4pmq",
"ghsa-53mr-6c8q-9789",
"ghsa-63hf-3vf5-4wqf",
"ghsa-68rp-wp8r-4726",
"ghsa-752w-5fwx-jx9f",
"ghsa-78cv-mqj4-43f7",
"ghsa-79v4-65xg-pq4g",
"ghsa-7f5h-v6xp-fcq8",
"ghsa-7gcm-g887-7qv7",
"ghsa-87hc-h4r5-73f7",
"ghsa-966j-vmvw-g2g9",
"ghsa-c427-h43c-vf67",
"ghsa-f9vj-2wh5-fj8j",
"ghsa-fqwm-6jpj-5wxc",
"ghsa-g794-3fmp-753h",
"ghsa-gc5v-m9x4-r6x2",
"ghsa-h4gh-qq45-vh27",
"ghsa-hcc4-c3v8-rx92",
"ghsa-hgf8-39gv-g3f2",
"ghsa-hrfv-mqp8-q5rw",
"ghsa-jj8c-mmj3-mmgv",
"ghsa-jjhc-v7c2-5hh6",
"ghsa-jr27-m4p2-rc6r",
"ghsa-m5qp-6w8w-w647",
"ghsa-m959-cc7f-wv43",
"ghsa-mf9v-mfxr-j63j",
"ghsa-mj87-hwqh-73pj",
"ghsa-mwh4-6h8g-pg8w",
"ghsa-p998-jp59-783m",
"ghsa-q34m-jh98-gwm2",
"ghsa-qccp-gfcp-xxvc",
"ghsa-qjxf-f2mg-c6mc",
"ghsa-r6ph-v2qm-q3c2",
"ghsa-r95x-qfjj-fjj2",
"ghsa-v92g-xgxw-vvmm",
"ghsa-vfmq-68hx-4jfw",
"ghsa-w2fm-2cpv-w7v5",
"ghsa-wxxx-gvqv-xp7p",
"ghsa-xqmj-j6mv-4862"
]
}
CVE-2026-35030 (GCVE-0-2026-35030)
Vulnerability from cvelistv5 – Published: 2026-04-06 16:47 – Updated: 2026-06-30 03:17

| URL | Tags |
|---|---|
| https://github.com/BerriAI/litellm/security/advis… | x_refsource_CONFIRM |
| https://access.redhat.com/security/cve/CVE-2026-35030 | vdb-entry, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455509 | issue-tracking, x_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:13545 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:28960 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:30056 | vendor-advisory, x_refsource_REDHAT |

| Vendor | Product | Version | |
|---|---|---|---|
| BerriAI | litellm | Affected: < 1.83.0 | |
| Red Hat | Red Hat Ansible Automation Platform 2.6 | cpe:/a:redhat:ansible_automation_platform:2.6::el9 | |
| Red Hat | Red Hat OpenShift AI 2.25 | cpe:/a:redhat:openshift_ai:2.25::el9 | |
| Red Hat | Red Hat OpenShift AI 3.3 | cpe:/a:redhat:openshift_ai:3.3::el9 | |
| Red Hat | Lightspeed Core | cpe:/a:redhat:lightspeed_core | |
| Red Hat | Red Hat OpenShift AI (RHOAI) | cpe:/a:redhat:openshift_ai | |

{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-35030",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T14:24:02.117235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T14:24:34.782Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lightspeed_core"
],
"defaultStatus": "affected",
"product": "Lightspeed Core",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
}
],
"datePublic": "2026-04-06T16:47:02.065Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in LiteLLM, a proxy server for Large Language Model (LLM) APIs. When JSON Web Token (JWT) authentication is enabled, the OIDC user information cache uses a truncated portion of the token as a cache key. An unauthenticated attacker can exploit this by crafting a JWT with the same initial characters as a legitimate user\u0027s cached token. This allows the attacker to bypass authentication and inherit the legitimate user\u0027s identity and permissions, potentially leading to unauthorized access and privilege escalation."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-222",
"description": "Truncation of Security-relevant Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T03:17:41.364Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-35030"
},
{
"name": "RHBZ#2455509",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455509"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-35030.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13545"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28960"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:30056"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:28960: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:30056: Red Hat OpenShift AI 3.3"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-06T18:01:07.517Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-04-06T16:47:02.065Z",
"value": "Made public."
}
],
"title": "litellm: LiteLLM: Authentication bypass and privilege escalation via OIDC userinfo cache key collision",
"workarounds": [
{
"lang": "en",
"value": "To mitigate this issue, ensure that JWT authentication is not enabled in LiteLLM configurations. The vulnerability only manifests when `enable_jwt_auth` is set to `true`. If JWT authentication is not strictly required, disable it to prevent potential authentication bypass and privilege escalation. If this configuration is changed, a restart of the LiteLLM service may be required for the changes to take effect."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "litellm",
"vendor": "BerriAI",
"versions": [
{
"status": "affected",
"version": "\u003c 1.83.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters. This configuration option is not enabled by default. Most instances are not affected. An unauthenticated attacker can craft a token whose first 20 characters match a legitimate user\u0027s cached token. On cache hit, the attacker inherits the legitimate user\u0027s identity and permissions. This affects deployments with JWT/OIDC authentication enabled. Fixed in v1.83.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T16:47:02.065Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6"
}
],
"source": {
"advisory": "GHSA-jjhc-v7c2-5hh6",
"discovery": "UNKNOWN"
},
"title": "LiteLLM has an authentication bypass via OIDC userinfo cache key collision"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35030",
"datePublished": "2026-04-06T16:47:02.065Z",
"dateReserved": "2026-03-31T21:06:06.427Z",
"dateUpdated": "2026-06-30T03:17:41.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
PYSEC-2026-390
Vulnerability from pysec - Published: 2026-06-29 11:50 - Updated: 2026-06-29 12:05
Impact
When JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters.
This configuration option is not enabled by default. Most instances are not affected.
An unauthenticated attacker can craft a token whose first 20 characters match a legitimate user's cached token. On cache hit, the attacker inherits the legitimate user's identity and permissions. This affects deployments with JWT/OIDC authentication enabled.
Patches
Fixed in v1.83.0. The cache key now uses the full hash of the JWT token.
Workarounds
Disable OIDC userinfo caching by setting the cache TTL to 0, or disable JWT authentication entirely.
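The key derivation described under Impact, next to the one described under Patches, as an added example that is not LiteLLM's code. All names (`UserinfoCache`, `resolve_user`, `run_scenario`, the sample tokens) are hypothetical, SHA-256 is an assumed choice for "the full hash", and the tokens are constructed, unsigned sample strings.

```python
import base64
import hashlib
import json
import time


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_token(claims, sig=b"constructed-signature"):
    """Build a JWT-shaped string (constructed sample data, not a real signed token)."""
    header = {"alg": "RS256", "typ": "JWT"}
    enc = lambda obj: _b64url(json.dumps(obj, separators=(",", ":")).encode())
    return ".".join([enc(header), enc(claims), _b64url(sig)])


def truncated_key(token):
    # Key derivation the advisory describes for affected versions.
    return token[:20]


def hashed_key(token):
    # Key derivation the advisory describes for the fix: a hash of the
    # whole token. SHA-256 is an assumption made for this example.
    return hashlib.sha256(token.encode()).hexdigest()


class UserinfoCache:
    """Hypothetical stand-in for an OIDC userinfo cache."""

    def __init__(self, key_fn, ttl_seconds):
        self._key_fn = key_fn
        self._ttl = ttl_seconds
        self._entries = {}

    def get(self, token, now=None):
        now = time.time() if now is None else now
        entry = self._entries.get(self._key_fn(token))
        if entry is None or entry[0] <= now:
            return None
        return entry[1]

    def put(self, token, userinfo, now=None):
        if self._ttl <= 0:  # TTL 0 disables caching (the listed workaround)
            return
        now = time.time() if now is None else now
        self._entries[self._key_fn(token)] = (now + self._ttl, userinfo)


def resolve_user(cache, token, fetch_userinfo):
    """Return cached userinfo on a hit, otherwise ask the identity provider."""
    cached = cache.get(token)
    if cached is not None:
        return cached
    userinfo = fetch_userinfo(token)  # None means the provider rejected the token
    if userinfo is not None:
        cache.put(token, userinfo)
    return userinfo


def colliding_pairs(key_fn, tokens):
    """Regression check: distinct tokens that map to the same cache key."""
    seen, pairs = {}, []
    for tok in tokens:
        key = key_fn(tok)
        if key in seen and seen[key] != tok:
            pairs.append((seen[key], tok))
        seen.setdefault(key, tok)
    return pairs


# Constructed sample data: two different tokens sharing one JWT header.
ALICE_TOKEN = make_token({"sub": "alice", "role": "admin"})
OTHER_TOKEN = make_token({"sub": "someone-else"}, sig=b"different-signature")
# Stand-in for the userinfo endpoint: it only knows ALICE_TOKEN.
IDP = {ALICE_TOKEN: {"sub": "alice", "role": "admin"}}


def run_scenario(key_fn, ttl_seconds=300):
    """Resolve ALICE_TOKEN, then OTHER_TOKEN, through one cache."""
    cache = UserinfoCache(key_fn, ttl_seconds)
    first = resolve_user(cache, ALICE_TOKEN, IDP.get)
    second = resolve_user(cache, OTHER_TOKEN, IDP.get)
    return first, second


if __name__ == "__main__":
    print("truncated key :", run_scenario(truncated_key))
    print("hashed key    :", run_scenario(hashed_key))
    print("TTL 0         :", run_scenario(truncated_key, ttl_seconds=0))
```

`colliding_pairs` can be pointed at whatever key function a deployment's cache uses, as a unit test that fails if distinct tokens ever share a key.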
| Name | purl |
|---|---|
| litellm | |
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "litellm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.83.0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
]
}
],
"aliases": [
"CVE-2026-35030",
"GHSA-jjhc-v7c2-5hh6"
],
"details": "### Impact\n\nWhen JWT authentication is enabled (`enable_jwt_auth: true`), the OIDC userinfo cache uses `token[:20]` as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters.\n\nThis configuration option is not enabled by default. **Most instances are not affected.**\n\nAn unauthenticated attacker can craft a token whose first 20 characters match a legitimate user\u0027s cached token. On cache hit, the attacker inherits the legitimate user\u0027s identity and permissions. This affects deployments with JWT/OIDC authentication enabled.\n\n### Patches\n \nFixed in v1.83.0. The cache key now uses the full hash of the JWT token.\n\n### Workarounds\n\nDisable OIDC userinfo caching by setting the cache TTL to 0, or disable JWT authentication entirely.",
"id": "PYSEC-2026-390",
"modified": "2026-06-29T12:05:33.663318Z",
"published": "2026-06-29T11:50:47.498250Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35030"
},
{
"type": "PACKAGE",
"url": "https://github.com/BerriAI/litellm"
},
{
"type": "PACKAGE",
"url": "https://pypi.org/project/litellm"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-jjhc-v7c2-5hh6"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
"type": "CVSS_V4"
}
],
"summary": "LiteLLM: Authentication bypass via OIDC userinfo cache key collision"
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.