High severity (8.8) · NVD Advisory · Published Apr 10, 2026 · Updated Apr 27, 2026
CVE-2026-40217
Description
LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the /guardrails/test_custom_code URI.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| litellm (PyPI) | >= 1.81.8, < 1.83.10 | 1.83.10 |
Affected products
6 products (5 with version ranges), listed by OSV package coordinates; none has a CPE assigned.

| Package coordinates | CPE | Affected range |
|---|---|---|
| pkg:apk/chainguard/airflow-3 | (no CPE) | < 3.2.2-r7 |
| pkg:apk/chainguard/litellm | (no CPE) | < 0 |
| pkg:apk/chainguard/litellm-compat | (no CPE) | < 0 |
| pkg:apk/wolfi/airflow-3 | (no CPE) | < 3.2.2-r7 |
| pkg:pypi/litellm | (no CPE) | >= 1.81.8, < 1.83.10 |
References
- github.com/advisories/GHSA-wxxx-gvqv-xp7p (GHSA: Advisory)
- nvd.nist.gov/vuln/detail/CVE-2026-40217 (GHSA: Advisory)
- www.x41-dsec.de/lab/advisories/x41-2026-001-litellm/ (NVD: Third Party Advisory, Exploit, Mitigation)
- github.com/BerriAI/litellm/releases/tag/v1.83.10-stable (GHSA: Web)
- github.com/BerriAI/litellm/security/advisories/GHSA-wxxx-gvqv-xp7p (GHSA: Web)
- www.x41-dsec.de/lab/advisories/x41-2026-001-litellm (GHSA: Web)
News mentions
- ⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More (The Hacker News, Jun 22, 2026)
- LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers (The Hacker News, Jun 15, 2026)