Improper access control in LiteLLM - #VU136051
Published: July 1, 2026
LiteLLM
Detailed vulnerability description
The vulnerability allows a remote user to execute arbitrary code and disclose sensitive information.
The vulnerability exists due to improper access control in the Custom Code Guardrails production create/update paths when submitting custom Python code. A remote privileged user can create or update a guardrail with crafted code to execute arbitrary code and disclose sensitive information.
In deployments without a configured master key, callers could be treated as proxy administrators.
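The missing-master-key condition described above is a fail-open authorization default. The following is an added illustration of that pattern next to a fail-closed version; it is not LiteLLM's code, and all function names, role strings and sample keys in it are hypothetical.

```python
import hmac
from typing import Optional, Tuple

ADMIN = "proxy_admin"   # hypothetical role label
DENIED = "denied"


def _keys_match(expected: str, presented: str) -> bool:
    # Constant-time comparison on bytes, so non-ASCII keys do not raise.
    return hmac.compare_digest(expected.encode(), presented.encode())


def resolve_role_fail_open(master_key: Optional[str], presented: Optional[str]) -> str:
    """Weak pattern: a missing master key turns every caller into an admin."""
    if not master_key:
        return ADMIN
    return ADMIN if _keys_match(master_key, presented or "") else DENIED


def resolve_role_fail_closed(master_key: Optional[str], presented: Optional[str]) -> str:
    """Hardened pattern: no configured key, or no presented key, means no admin."""
    if not master_key or not presented:
        return DENIED
    return ADMIN if _keys_match(master_key, presented) else DENIED


def may_write_guardrail_code(role: str) -> bool:
    """Gate for a create/update path that stores code the server will execute."""
    return role == ADMIN


def compare_policies(master_key: Optional[str], presented: Optional[str]) -> Tuple[bool, bool]:
    """Return (fail_open_allowed, fail_closed_allowed) for one request."""
    return (
        may_write_guardrail_code(resolve_role_fail_open(master_key, presented)),
        may_write_guardrail_code(resolve_role_fail_closed(master_key, presented)),
    )


if __name__ == "__main__":
    # Constructed sample requests: (configured master key, key sent by caller).
    samples = [(None, None), ("", "anything"),
               ("sk-constructed", "wrong"), ("sk-constructed", "sk-constructed")]
    for configured, sent in samples:
        print(repr(configured), repr(sent), compare_policies(configured, sent))
```

Only the fail-closed resolver keeps the code-accepting path shut when the deployment has no master key, or an empty one, configured.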