{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreicn7ykzmeki7g6y5eff2qcqao2tkg3zxsynpx527gubp3vb2z4agu",
"uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3moehk3n25l32"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreihm3hggfwm75nrubjxs3g4r6kdaedjxvtf6eu7yfscqd6qbaha3ke"
},
"mimeType": "image/jpeg",
"size": 208893
},
"path": "/2026/06/litellm-vulnerability-chain-lets-low.html",
"publishedAt": "2026-06-15T16:39:01.000Z",
"site": "https://thehackernews.com",
"textContent": "A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed.\n\nLiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one OpenAI-compatible interface.\n\nA server takeover exposes every provider key it holds, the secrets that",
"title": "LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers"
}