Path Traversal in Berriai Litellm

CVE-2026-59820

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.7-stable, LiteLLM Skills archive extraction did not sufficiently validate file paths from uploaded skill ZIP archives, allowing an authenti…

Vulnerability class: Path Traversal (Directory Traversal)

Affected products

Weakness classification (CWE)

References