A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one...

#AI

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

VERWANDTEARTIKEL

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

Critical Microsoft 365 Copilot Vulnerability Allows Attackers to Steal Data in One Click

New attack turned Microsoft 365 Copilot into 1-click data theft tool

PromptSnatcher Ad Blocker Extensions Steal AI Chats From ChatGPT, Claude, and Gemini

SecSuite – AI-powered Tool for OSINT, Web and API Security Testing

FBI disrupts massive AI-powered phishing service using a million URLs