Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection
Cybersecurity NewsArchived Jun 17, 2026✓ Full text saved
A critical security vulnerability has been disclosed in LiteLLM, an increasingly popular proxy used for managing large language model (LLM) APIs. The flaw, tracked as CVE-2026-49468, allows attackers to bypass authentication mechanisms under specific conditions by exploiting improper handling of the Host header. The issue affects LiteLLM versions before 1.84.0 and has been assigned a […] The post Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection appeared first on Cyber
Full text archived locally
✦ AI Summary· Claude Sonnet
HomeCyber Security News
Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection
By Abinaya
June 17, 2026
A critical security vulnerability has been disclosed in LiteLLM, an increasingly popular proxy used for managing large language model (LLM) APIs.
The flaw, tracked as CVE-2026-49468, allows attackers to bypass authentication mechanisms under specific conditions by exploiting improper handling of the Host header.
The issue affects LiteLLM versions before 1.84.0 and has been assigned a critical severity rating. The vulnerability stems from a flaw in how the LiteLLM proxy determines request routes during authentication checks.
The authentication mechanism relies on the request.url.path value generated by the Starlette framework, which reconstructs the path using the Host header supplied in incoming HTTP requests.
By manipulating this header, an attacker can cause the authentication layer to evaluate a different route than the one FastAPI actually processes.
This discrepancy creates an opportunity for attackers to bypass access controls and gain unauthorized access to sensitive management endpoints.
LiteLLM Vulnerability
The vulnerability is classified as CWE-290 (Authentication Bypass by Spoofing) and carries a high CVSS v4 score, reflecting significant potential impact on confidentiality, integrity, and availability.
Notably, it requires neither authentication nor user interaction, making it particularly dangerous in exposed environments. The attack vector is network-based and low-complexity, further increasing its risk profile.
According to GitHub advisory GHSA-4xpc-pv4p-pm3w, most deployments are not affected because the vulnerability is effectively mitigated when upstream infrastructure validates or normalizes the Host header.
This includes deployments behind content delivery networks (CDNs), web application firewalls (WAFs), reverse proxies with strict server_name validation, or cloud load balancers configured with host-based routing rules.
Additionally, LiteLLM Cloud customers are not impacted by this issue, as the hosted environment includes protective controls that prevent Host header manipulation.
The vulnerability has been patched in LiteLLM version 1.84.0, and users are strongly advised to upgrade immediately. The fix does not require any configuration changes, simplifying remediation efforts.
For organizations unable to upgrade immediately, temporary mitigations include placing the LiteLLM proxy behind a trusted upstream component that enforces strict Host header validation.
Alternatively, restricting network access to the proxy service can reduce exposure. The vulnerability was discovered by security researchers Le The Thang from KCSC and Kim Ngoc Chung from One Mount Group.
Their findings highlight the risks of improper request parsing in modern API frameworks, especially when relying on headers that clients can manipulate.
This disclosure underscores the importance of validating input headers and ensuring consistency between routing and authentication layers in web applications, particularly those handling sensitive AI workloads.
CISO & Security Leaders: Your next breach may not have a face. Join ISC2’s LIVE webinar, “Ghost in the Machine”
Tags
cyber security
cyber security news
Copy URL
Linkedin
Twitter
ReddIt
Telegram
Abinayahttps://cybersecuritynews.com/
Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space.
Trending News
Hackers Abuse Legitimate RMM Tools in The Quarry IRS and SSA Phishing Campaigns
Hackers Use Tax Phishing Emails to Deploy In-Memory Malware on Windows Systems
Palo Alto Warns of GlobalProtect VPN Vulnerability Actively Exploited in the Wild
Novo Nordisk Confirms Cyber Attack — Hackers Accessed Patient Medical Data and Internal AI Assets
Hackers Abuse VMware-Signed Binary to Sideload NIGHTFORGE Loader in Espionage Attacks
Latest News
Cyber Security News
Hackers Use Rokarolla Android Malware to Disable Google Play Protect and Control Devices
Cyber Security News
Deno-Based RAT Uses Microsoft Teams Impersonation and Mailbombing to Target Employees
Cyber Security
Hackers Abuse Steam Workshop Application Wallpapers to Hijack Active Steam Sessions
AI
Hackers Using Claude and OpenAI’s Codex for Exploitation, and Data Exfiltration Activities
Cyber Security News
Using Real-Time Network Monitoring to Spot Suspicious Application Behavior on macOS