URL has been copied successfully!
Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection


Tags: , , , , , , , , ,

A critical security vulnerability tracked as CVE-2026-49468 has been disclosed in the LiteLLM framework, exposing deployments to authentication bypass attacks via Host header injection. The issue, published in the GitHub Advisory Database and classified under GHSA-4xpc-pv4p-pm3w, affects all LiteLLM versions before 1.84.0 and has been assigned a critical severity rating due to its potential impact […] The post Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/critical-litellm-flaw/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection
  2. Cybersecurity Snapshot: Refresh Your Akira Defenses Now, CISA Says, as OWASP Revamps Its App Sec Top 10 Risks
  3. Cybersecurity Snapshot: Refresh Your Akira Defenses Now, CISA Says, as OWASP Revamps Its App Sec Top 10 Risks
  4. CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild