LiteLLM < 1.83.10 Privilege Escalation via User Update_CVE-2026-47102

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxy_admin, gaining full administrative access to LiteLLM including all users, teams, keys, models, and prompt history. Users with the org_admin role have legitimate access to this endpoint and can exploit this vulnerability without chaining any additional flaw.

AI Analysis

Privilege escalation vulnerability in LiteLLM via user update endpoint, allowing users to gain full administrative access.

Basic Information

ID CVE-2026-47102

Source VulnCheck

Published May 21, 2026 at 20:34

Affected Product

Vendor BerriAI

Product litellm

Affected Versions BerriAI litellm 0

CWE Classification

CWE-863

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor BerriAI

Product LiteLLM

Version < 1.83.10

References

{
    "lastseen": "",
    "description": "LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxy_admin, gaining full administrative access to LiteLLM including all users, teams, keys, models, and prompt history. Users with the org_admin role have legitimate access to this endpoint and can exploit this vulnerability without chaining any additional flaw.",
    "published": "2026-05-21T20:34:37.893Z",
    "modified": "2026-05-21T20:34:37.893Z",
    "type": "cve",
    "title": "LiteLLM < 1.83.10 Privilege Escalation via User Update",
    "source": "VulnCheck",
    "references": "https://gist.github.com/13ph03nix/9ec616e1fdc77b3673509c60206e827f\nhttps://huntr.com/bounties/8e75edfb-ff05-4e63-bfca-2d93d03fb3b9\nhttps://github.com/BerriAI/litellm/releases/tag/v1.83.10-stable\nhttps://github.com/BerriAI/litellm/pull/25541\nhttps://github.com/BerriAI/litellm/commit/e6f18ce75b111c9b93dc15c72894cbdeb53177ce\nhttps://github.com/BerriAI/litellm/commit/128d32d2494b759c5d15da3452452af4c6a34c01\nhttps://www.vulncheck.com/advisories/litellm-privilege-escalation-via-user-update",
    "id": "CVE-2026-47102",
    "bulletinFamily": "",
    "cwe": [
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "BerriAI litellm 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "litellm",
    "version": "0",
    "vendor": "BerriAI",
    "ai_description": "Privilege escalation vulnerability in LiteLLM via user update endpoint, allowing users to gain full administrative access.",
    "ai_severity": "High",
    "ai_vendor": "BerriAI",
    "ai_product": "LiteLLM",
    "ai_version": "< 1.83.10",
    "ai_score": 8.7
}