LiteLLM has been compromised

[MickLesk]

Discussed in #13257

^{Originally posted by Builder-DE-TH March 24, 2026}

https://futuresearch.ai/blog/litellm-pypi-supply-chain-attack/

Update (12:30 UTC): version 1.82.7 is also compromised, in addition to 1.82.8

Update (13:03 UTC): The public GitHub issue has been closed as "not planned" by the owner, and is spammed by hundreds of bots to dillute the discussion. The author of litellm have been very likely fully compromised.

[MickLesk]

/pocketbase litellm is_disabled=true disable_message="Due to a critical supply chain incident (litellm), this service is offline as a precaution.
We are auditing systems and rotating secrets. See here for more details: #13258"

[github-actions]

✅ PocketBase Bot: Updated litellm successfully!

Changes applied:

• is_disabled → true
• disable_message → "Due to a critical supply chain incident (litellm), this service is offline as a precaution."

Executed by @MickLesk

[jamesmyatt]

Looks like LiteLLM has been secured again. Compromised packages have been removed: https://pypi.org/project/litellm/#history. Current status is here: BerriAI/litellm#24518.

The question for the community scripts is whether to pin all dependencies to specific versions. But that affects every script, I think.

[michelroegl-brunner]

Maybe we reenable it when the next "clean" release is out.

[fguisso]

just an add-on, can we have the actual version of the application and the upstream in Details?

[harsh-batheja]

/pocketbase litellm is_disabled=false

[github-actions]

❌ PocketBase Bot: @harsh-batheja is not authorized to use this command.
Only org members (Contributors team) can use /pocketbase.