Backdoor in litellm version 1.82.7

60% confidence

Description

The python package 'litellm' was compromised, leading to the inclusion of malicious code that steals credentials and installs a backdoor. The malware activates upon importing any module from the package, harvesting sensitive data such as private SSH keys, Git and Docker credentials, and cloud access tokens, and exfiltrates this data to a remote API.

Affected Products

Vendor	Product	Versions
berriai	litellm	1.82.7, 1.82.8

Related News (1 articles)

Tier C

oss-security1d ago

backdoor in litellm version 1.82.7

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-20

Published3/25/2026

Last enriched4h ago

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: reported

Confidence: 6000%