Path traversal in LiteLLM - #VU136050
Published: July 1, 2026
LiteLLM
Detailed vulnerability description
The vulnerability allows a remote user to write arbitrary files and potentially execute arbitrary code.
The vulnerability exists due to path traversal in Skills archive extraction when processing uploaded skill ZIP archives for execution. A remote user can upload a crafted skill archive containing path traversal entries to write arbitrary files and potentially execute arbitrary code.
Exploitation requires access to LiteLLM LLM API routes or a key whose allowed_routes includes /v1/skills, anthropic_routes, or llm_api_routes.