A default low-privilege account on a LiteLLM proxy can climb
to full admin and run code on the server by chaining three
vulnerabilities, researchers at Obsidian Security disclosed. LiteLLM
is a widely deployed open-source AI gateway that brokers calls to
more than 100 model providers behind one OpenAI-compatible
interface. A server takeover exposes every provider key it holds,
the secrets that
Read more https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html

