{"package":"litellm","ecosystem":"pypi","latest_version":"1.83.8","description":"Library to easily interface with LLM API providers","license":null,"homepage":"https://pypi.org/project/litellm/","repository":"https://github.com/BerriAI/litellm","downloads_weekly":0,"health":{"score":59,"risk":"high","breakdown":{"maintenance":25,"popularity":0,"security":17,"maturity":15,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":7,"critical":0,"high":0,"medium":4,"low":3,"details":[{"vuln_id":"CVE-2024-6825","severity":"medium","summary":"LiteLLM Vulnerable to Remote Code Execution (RCE)","affected_versions":">=1.40.3.dev2","fixed_version":null,"source":"osv","published_at":"2025-03-20T12:32:45Z"},{"vuln_id":"GHSA-5mg7-485q-xm76","severity":"unknown","summary":"Two LiteLLM versions published containing credential harvesting malware","affected_versions":">=1.82.7","fixed_version":null,"source":"osv","published_at":"2026-03-25T14:25:42Z"},{"vuln_id":"CVE-2024-4264","severity":"medium","summary":"litellm passes untrusted data to `eval` function without sanitization","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2024-05-18T00:30:42Z"},{"vuln_id":"CVE-2025-0330","severity":"medium","summary":"LiteLLM Has a Leakage of Langfuse API Keys","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2025-03-20T12:32:52Z"},{"vuln_id":"CVE-2024-4890","severity":"medium","summary":"SQL injection in litellm","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2024-06-06T21:30:37Z"},{"vuln_id":"PYSEC-2026-2","severity":"unknown","summary":"Malicious code in litellm (PyPI)","affected_versions":null,"fixed_version":null,"source":"osv","published_at":"2026-03-24T11:15:14Z"},{"vuln_id":"MAL-2026-2144","severity":"unknown","summary":"Two litellm versions published containing credential harvesting malware","affected_versions":">=1.82.7","fixed_version":null,"source":"osv","published_at":"2026-03-24T16:15:08.809028Z"}]},"versions":{"latest":"1.83.8","total_count":1293,"recent":["1.81.13","1.81.14","1.81.15","1.81.16","1.82.0","1.82.1","1.82.2","1.82.3","1.82.4","1.82.5","1.82.6","1.83.0","1.83.1","1.83.2","1.83.3","1.83.4","1.83.5","1.83.6","1.83.7","1.83.8"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":null,"last_published":"2026-04-15T03:37:47.934409Z","dependencies_count":69,"dependencies":["fastuuid==0.14.0","httpx==0.28.1","openai==2.24.0","python-dotenv==1.0.1","tiktoken==0.12.0","importlib-metadata==8.5.0","tokenizers==0.22.2","click==8.1.8","jinja2==3.1.6","aiohttp==3.13.3","pydantic==2.12.5","jsonschema==4.23.0","diskcache==5.6.3; extra == \"caching\"","prisma==0.11.0; extra == \"extra-proxy\"","azure-identity==1.25.2; python_full_version >= \"3.9\" and extra == \"extra-proxy\"","azure-keyvault-secrets==4.10.0; extra == \"extra-proxy\"","google-cloud-kms==2.24.2; extra == \"extra-proxy\"","google-cloud-iam==2.19.1; extra == \"extra-proxy\"","resend==2.23.0; extra == \"extra-proxy\"","redisvl==0.4.1; python_full_version >= \"3.9\" and python_full_version < \"3.14\" and extra == \"extra-proxy\"","a2a-sdk==0.3.24; python_full_version >= \"3.10\" and extra == \"extra-proxy\"","google-cloud-aiplatform==1.133.0; extra == \"google\"","grpcio==1.78.0; extra == \"grpc\"","mlflow==3.9.0; python_full_version >= \"3.10\" and extra == \"mlflow\"","gunicorn==23.0.0; extra == \"proxy\"","uvicorn==0.33.0; extra == \"proxy\"","uvloop==0.21.0; sys_platform != \"win32\" and extra == \"proxy\"","fastapi==0.124.4; extra == \"proxy\"","backoff==2.2.1; extra == \"proxy\"","pyyaml==6.0.3; extra == \"proxy\"","rq==2.7.0; extra == \"proxy\"","orjson==3.10.15; extra == \"proxy\"","apscheduler==3.11.2; extra == \"proxy\"","fastapi-sso==0.16.0; extra == \"proxy\"","pyjwt==2.11.0; python_full_version >= \"3.9\" and extra == \"proxy\"","python-multipart==0.0.20; extra == \"proxy\"","cryptography==46.0.7; extra == \"proxy\"","pynacl==1.6.2; extra == \"proxy\"","websockets==15.0.1; extra == \"proxy\"","boto3==1.42.59; extra == \"proxy\"","azure-identity==1.25.2; python_full_version >= \"3.9\" and extra == \"proxy\"","azure-storage-blob==12.28.0; extra == \"proxy\"","mcp==1.26.0; python_full_version >= \"3.10\" and extra == \"proxy\"","litellm-proxy-extras==0.4.65; extra == \"proxy\"","litellm-enterprise==0.1.37; extra == \"proxy\"","rich==13.9.4; extra == \"proxy\"","polars==1.38.1; python_full_version >= \"3.10\" and extra == \"proxy\"","soundfile==0.12.1; extra == \"proxy\"","pyroscope-io==0.8.16; sys_platform != \"win32\" and extra == \"proxy\"","google-cloud-aiplatform==1.133.0; extra == \"proxy-runtime\"","google-genai==1.37.0; extra == \"proxy-runtime\"","anthropic[vertex]==0.84.0; extra == \"proxy-runtime\"","grpcio==1.78.0; extra == \"proxy-runtime\"","prometheus-client==0.20.0; extra == \"proxy-runtime\"","langfuse==2.59.7; extra == \"proxy-runtime\"","opentelemetry-api==1.28.0; extra == \"proxy-runtime\"","opentelemetry-sdk==1.28.0; extra == \"proxy-runtime\"","opentelemetry-exporter-otlp==1.28.0; extra == \"proxy-runtime\"","ddtrace==2.19.0; extra == \"proxy-runtime\"","sentry-sdk==2.21.0; extra == \"proxy-runtime\"","mangum==0.17.0; extra == \"proxy-runtime\"","azure-ai-contentsafety==1.0.0; extra == \"proxy-runtime\"","azure-storage-file-datalake==12.20.0; extra == \"proxy-runtime\"","pypdf==6.7.5; python_full_version < \"3.14\" and extra == \"proxy-runtime\"","llm-sandbox==0.3.31; python_full_version >= \"3.10\" and extra == \"proxy-runtime\"","detect-secrets==1.5.0; extra == \"proxy-runtime\"","semantic-router==0.1.12; python_full_version >= \"3.9\" and python_full_version < \"3.14\" and extra == \"semantic-router\"","aurelio-sdk==0.0.19; python_full_version >= \"3.9\" and python_full_version < \"3.14\" and extra == \"semantic-router\"","numpydoc==1.8.0; extra == \"utils\""]},"recommendation":{"action":"safe_to_use","issues":[],"use_version":"1.83.8","version_hint":null,"summary":"litellm@1.83.8 is safe to use (health: 59/100)"},"requested_version":null,"_cache":"miss","_response_ms":488,"_powered_by":"depscope.dev — free package intelligence for AI agents"}