CVE-2026-59822 - LiteLLM: MCP Authentication Bypass via OAuth2 Passthrough Fallback
CVE ID :CVE-2026-59822 Published : July 8, 2026, 8:16 p.m. | 58 minutes ago Description :LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoint allowed an unauthenticated attacker to use a fabricated...