LiteLLM 1.83.9 User Role Elevation via /user/update
CVE-2026-47102 Published on May 21, 2026

LiteLLM < 1.83.10 Privilege Escalation via User Update
LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxy_admin, gaining full administrative access to LiteLLM including all users, teams, keys, models, and prompt history. Users with the org_admin role have legitimate access to this endpoint and can exploit this vulnerability without chaining any additional flaw.


Vulnerability Analysis

CVE-2026-47102 is exploitable with network access and requires only a small amount of user privileges. The attack complexity is considered low. A public proof of concept (PoC) exploit exists for CVE-2026-47102. The potential impact of exploiting this vulnerability is considered very high.

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

Weakness Types

What is an AuthZ Vulnerability?

The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

CVE-2026-47102 has been classified as an AuthZ vulnerability or weakness.

What is a Mass Assignment Vulnerability?

The software receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified.

CVE-2026-47102 has been classified as a Mass Assignment vulnerability or weakness.
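The summary above describes the pattern exactly: the update handler checks who is being updated but not which fields are being changed. The following is an added illustration of that pattern and its fix, not LiteLLM's own code; the user dictionaries, role names and the allowlist of self-service fields are assumptions for the example.

```python
# Added example: an "update own account" handler with and without a field allowlist.
# Not LiteLLM code; the data model and role names below are assumed for illustration.
from copy import deepcopy

PROXY_ADMIN = "proxy_admin"

# Fields a non-admin user may change on their own record (assumed allowlist).
# Anything not listed, including user_role, is rejected rather than merged.
SELF_SERVICE_FIELDS = {"user_email", "user_alias"}


def sample_users():
    """Constructed sample data: one org_admin user, nothing else."""
    return deepcopy({"u1": {"user_id": "u1", "user_role": "org_admin",
                            "user_email": "u1@example.invalid"}})


def apply_update_vulnerable(actor, target_id, patch, users):
    """Restricts *whose* record is updated, but merges every submitted field."""
    if actor["user_role"] != PROXY_ADMIN and actor["user_id"] != target_id:
        raise PermissionError("can only update own account")
    users[target_id].update(patch)  # mass assignment: user_role goes straight in
    return users[target_id]


def apply_update_fixed(actor, target_id, patch, users):
    """Same identity check, plus a deny-by-default field allowlist for non-admins."""
    is_admin = actor["user_role"] == PROXY_ADMIN
    if not is_admin and actor["user_id"] != target_id:
        raise PermissionError("can only update own account")
    if not is_admin:
        disallowed = set(patch) - SELF_SERVICE_FIELDS
        if disallowed:
            raise PermissionError(f"fields not updatable: {sorted(disallowed)}")
    users[target_id].update(patch)
    return users[target_id]


def update_rejected(handler, actor, target_id, patch, users):
    """True if the handler refuses the update (used to compare both handlers)."""
    try:
        handler(actor, target_id, patch, users)
        return False
    except PermissionError:
        return True


if __name__ == "__main__":
    escalate = {"user_role": PROXY_ADMIN}
    for handler in (apply_update_vulnerable, apply_update_fixed):
        users = sample_users()
        rejected = update_rejected(handler, dict(users["u1"]), "u1", escalate, users)
        print(f"{handler.__name__}: rejected={rejected}, role={users['u1']['user_role']}")
```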


Products Associated with CVE-2026-47102


Affected Versions

BerriAI litellm
Red Hat Exploit Intelligence
Red Hat OpenShift AI (RHOAI)
Red Hat Ansible Automation Platform 2

Exploit Probability

EPSS: 0.38%
Percentile: 29.42%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.