CVE-2026-35030: LiteLLM: Authentication bypass via OIDC userinfo cache key collision

April 3, 2026 (updated April 6, 2026)

When JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters.

This configuration option is not enabled by default. Most instances are not affected.

An unauthenticated attacker can craft a token whose first 20 characters match a legitimate user’s cached token. On cache hit, the attacker inherits the legitimate user’s identity and permissions. This affects deployments with JWT/OIDC authentication enabled.

References

github.com/BerriAI/litellm
github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6
github.com/advisories/GHSA-jjhc-v7c2-5hh6
nvd.nist.gov/vuln/detail/CVE-2026-35030

Code Behaviors & Features

Detect and mitigate CVE-2026-35030 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →