JWT Authentication Vulnerability in LiteLLM Proxy Server by BerriAI
CVE-2026-35030

9.4CRITICAL

Key Information:

Vendor: Berriai
Status: Litellm
Vendor: CVE Published:; 6 April 2026

What is CVE-2026-35030?

The vulnerability in LiteLLM arises when JWT authentication is enabled, specifically in versions prior to 1.83.0. The application utilizes the first 20 characters of the JWT token as the cache key for OIDC userinfo. Because JWT headers created by the same signing algorithm produce identical initial characters, an attacker can forge a token that matches a legitimate user's cached key. This allows them to gain unauthorized access to the user's identity and permissions if the cache hit occurs. This flaw primarily impacts systems configured with JWT/OIDC authentication enabled. The issue has been addressed in version 1.83.0.

Affected Version(s)

litellm < 1.83.0

References

https://github.com/BerriAI/litellm/security/advisories/GH...

x_refsource_CONFIRM

CVSS V4

Score:

9.4

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 6, 2026
Vulnerability Reserved
Mar 31, 2026

CVE-2026-35030 Data

JSON

Berriai

What is CVE-2026-35030?

Affected Version(s)

References

CVSS V4

Timeline