VYPR
High severity · NVD Advisory · Published Mar 20, 2025 · Updated Mar 20, 2025

Exposure of Sensitive Information in berriai/litellm

CVE-2025-0330

Description

In berriai/litellm version v1.52.1, an issue in proxy_server.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability exposes sensitive information, including langfuse_secret and langfuse_public_key, which can provide full access to the Langfuse project storing all requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2025-0330 leaks Langfuse API keys in error messages in LiteLLM proxy server, giving full access to the Langfuse project and its stored LLM requests.

Vulnerability

Overview

In LiteLLM version 1.52.1, the proxy_server.py file contains an error-handling flaw that leaks Langfuse API keys when a parsing error occurs while processing team settings [2]. The error messages inadvertently include the langfuse_secret and langfuse_public_key, exposing credentials meant to be confidential.

Exploitation

An attacker can exploit this by causing a parsing error in team settings, which could be triggered by sending a specially crafted request to the proxy server. No authentication is explicitly required beyond network access to the server, making this a low-barrier attack [2][3].

Impact

With the leaked Langfuse API keys, an attacker gains full access to the associated Langfuse project, which stores all requests processed through the proxy. This can lead to exposure of sensitive data, including prompts and responses from LLM interactions [2].

Mitigation

As of March 2025, the vulnerability exists in version 1.52.1. The issue has been reported via a bug bounty program [3]. Users should upgrade to a patched version once available, or apply workarounds such as restricting network access and monitoring error logs for exposed credentials.
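
Added example, not LiteLLM's own code: the team-settings layout, the parser and the field names below are assumptions, used to show the flaw class described in the Overview (a raw settings record echoed into an exception) next to the hardened form, plus the check a log monitor can apply as the Mitigation paragraph suggests.

```python
# Added example, not LiteLLM's own code: settings layout, parser and key
# names are assumptions illustrating the advisory's flaw class and its fix.
SENSITIVE_KEYS = {"langfuse_secret", "langfuse_public_key"}

# Constructed sample: malformed budget field forces a parse error; the key
# values are placeholders, not real credentials.
TEAM_SETTINGS = {
    "team_id": "team-demo",
    "langfuse_public_key": "pk-lf-PLACEHOLDER-PUBLIC",
    "langfuse_secret": "sk-lf-PLACEHOLDER-SECRET",
    "max_budget": "not-a-number",
}

def _parse(settings: dict) -> dict:
    # Shared parsing step; raises KeyError or ValueError on bad input.
    return {"team_id": settings["team_id"],
            "max_budget": float(settings["max_budget"])}

def parse_team_settings_leaky(settings: dict) -> dict:
    # Vulnerable pattern: the raw record, secrets included, is formatted
    # into the exception text that later lands in logs or HTTP responses.
    try:
        return _parse(settings)
    except (KeyError, ValueError) as e:
        raise ValueError(f"failed to parse team settings {settings}: {e}") from e

def redact(settings: dict) -> dict:
    # Mask every sensitive field before the record is rendered anywhere.
    return {k: "***REDACTED***" if k in SENSITIVE_KEYS else v
            for k, v in settings.items()}

def parse_team_settings_safe(settings: dict) -> dict:
    # Hardened pattern: only the redacted record reaches the error text.
    try:
        return _parse(settings)
    except (KeyError, ValueError) as e:
        raise ValueError(
            f"failed to parse team settings {redact(settings)}: {e}") from e

def error_message(parser, settings: dict) -> str:
    # Run a parser and return the error text it would have emitted.
    try:
        parser(settings)
    except ValueError as e:
        return str(e)
    return ""

def leaks_secret(text: str, settings: dict) -> bool:
    # Detection check usable over captured error logs: any known secret in text?
    return any(str(settings[k]) in text for k in SENSITIVE_KEYS if k in settings)
```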

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: litellm (PyPI)
Affected versions: <= 1.52.1
Patched versions: none listed

Affected products: 3

Patches: 0 (no patches discovered yet)

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References: 3

News mentions: 0 (no linked articles in our index yet)