logo

Database

Use of software with malware In litellm

Description

Two LiteLLM versions published containing credential harvesting malware After an API Token exposure from an exploited trivy dependency, two new releases of litellm were uploaded to PyPI containing automatically activated malware, harvesting sensitive credentials and files, and exfiltrating to a remote API.

Anyone who has installed and run the project should assume any credentials available to litellm environment may have been exposed, and revoke/rotate thema ccordingly.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. GCVE-GHSA-5mg7-485q-xm76

References

1. https://github.com/BerriAI/litellm/issues/245182. https://futuresearch.ai/blog/litellm-pypi-supply-chain-attack3. https://github.com/pypa/advisory-database/tree/main/vulns/litellm/PYSEC-2026-2.yaml4. https://inspector.pypi.io/project/litellm/1.82.7/packages/79/5f/b6998d42c6ccd32d36e12661f2734602e72a576d52a51f4245aef0b20b4d/litellm-1.82.7-py3-none-any.whl/litellm/proxy/proxy_server.py#line.1305. https://inspector.pypi.io/project/litellm/1.82.8/packages/f6/2c/731b614e6cee0bca1e010a36fd381fba69ee836fe3cb6753ba23ef2b9601/litellm-1.82.8.tar.gz/litellm-1.82.8/litellm_init.pth#line.16. https://www.wiz.io/blog/teampcp-attack-kics-github-action

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.