CLAIM 9 / LiteLLM
partial
Observed
Source-reviewed: the auth layer exists and functions, but its 2026 security record materially qualifies 'secure': 7 GitHub security advisories published 2026-04-03 through 2026-05-07, including a Critical OIDC authentication bypass (GHSA-jjhc-v7c2-5hh6) and a Critical SQL injection in the API key verification path (GHSA-r75f-5x8p-qvmc) — both patched; a JWT signature-verification bypass report was closed not-planned with no fix merged (#20500, 2026-02-06); PyPI releases 1.82.7-1.82.8 carried credential-stealing malware via a compromised CI scanner (March 2026 supply-chain incident, vendor-disclosed).
- UPDATE 2026-06-28: an 8th Critical advisory — Host Header Injection (GHSA-4xpc-pv4p-pm3w, CVSS 9.5, disclosed 2026-05-28) — was patched in v1.84.0; current stable v1.90.0 is safe.