Critical · CVSS 9.3 May 8, 2026 · BerriAI / LiteLLM

LiteLLM Proxy SQL Injection

Pre-Authentication Database Access in the AI Gateway Credential Broker

LiteLLM Proxy versions 1.81.16 through 1.83.6 contain a pre-authentication SQL injection in the API key verification path. The proxy concatenated the caller-supplied Authorization header value directly into SQL query text instead of binding it as a query parameter, so the database treats attacker-chosen characters in the header as part of the statement. Because the injection sits in the key-verification step itself, the attacker needs no valid key: the malicious header is evaluated before any credential check succeeds. An unauthenticated attacker can read and potentially modify the proxy's database, which stores the credentials for every LLM provider, tenant, and billing configuration managed through the gateway. Fixed in 1.83.7.
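The following is an added illustration of the bug class the advisory describes, not LiteLLM's code and not the actual vulnerable query. It uses a hypothetical two-table schema (`api_keys`, `provider_secrets`) in an in-memory SQLite database, a constructed tenant key, and constructed injection payloads. `verify_key_vulnerable` splices the bearer token into the SQL string the way the advisory says the proxy did; `verify_key_fixed` binds it as a parameter. The same crafted header bypasses the key check in the first and is simply a non-matching token in the second, and a UNION payload shows why a pre-auth injection in the key table reaches provider secrets stored elsewhere in the same database. `is_affected` encodes the version range stated above.

```python
"""Illustration of a key-lookup SQL injection versus a parameterised lookup.
Hypothetical schema and functions; this is not LiteLLM's implementation."""
import sqlite3
from typing import Optional

# Constructed payloads for the demonstration, not published indicators.
BYPASS_PROBE = "' OR '1'='1"
EXFIL_PROBE = "' UNION SELECT secret FROM provider_secrets WHERE '1'='1"

# Version range named in the advisory: 1.81.16 up to but excluding 1.83.7.
AFFECTED_MIN = (1, 81, 16)
FIXED_IN = (1, 83, 7)


def make_db() -> sqlite3.Connection:
    """Constructed fixture: one tenant key and the provider secret it guards."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE api_keys (token TEXT PRIMARY KEY, team TEXT);
        CREATE TABLE provider_secrets (team TEXT, provider TEXT, secret TEXT);
        INSERT INTO api_keys VALUES ('sk-tenant-a-1234', 'tenant-a');
        INSERT INTO provider_secrets VALUES ('tenant-a', 'openai', 'sk-live-REDACTED');
        """
    )
    return conn


def bearer_token(headers: dict) -> Optional[str]:
    """Return the token from an 'Authorization: Bearer <token>' header, else None.
    Only the first space splits scheme from token, so a token may contain spaces."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        return None
    return token


def verify_key_vulnerable(conn: sqlite3.Connection, headers: dict) -> Optional[str]:
    """Pre-fix pattern: the caller-controlled token is interpolated into the SQL.
    A token containing a quote terminates the literal and the rest is executed."""
    token = bearer_token(headers)
    if token is None:
        return None
    row = conn.execute(f"SELECT team FROM api_keys WHERE token = '{token}'").fetchone()
    return row[0] if row else None


def verify_key_fixed(conn: sqlite3.Connection, headers: dict) -> Optional[str]:
    """Post-fix pattern: the token is bound as a parameter, so the driver never
    parses its contents as SQL regardless of which characters it contains."""
    token = bearer_token(headers)
    if token is None:
        return None
    row = conn.execute("SELECT team FROM api_keys WHERE token = ?", (token,)).fetchone()
    return row[0] if row else None


def parse_version(version: str) -> tuple:
    return tuple(int(part) for part in version.split("."))


def is_affected(version: str) -> bool:
    """True when the proxy version falls in the range the advisory names."""
    return AFFECTED_MIN <= parse_version(version) < FIXED_IN


def demo() -> dict:
    """Run the three headers through both lookups and return what each yields."""
    conn = make_db()
    legit = {"Authorization": "Bearer sk-tenant-a-1234"}
    bypass = {"Authorization": "Bearer " + BYPASS_PROBE}
    exfil = {"Authorization": "Bearer " + EXFIL_PROBE}
    return {
        "vuln_legit": verify_key_vulnerable(conn, legit),     # 'tenant-a'
        "vuln_bypass": verify_key_vulnerable(conn, bypass),   # 'tenant-a': auth bypassed
        "vuln_exfil": verify_key_vulnerable(conn, exfil),     # 'sk-live-REDACTED'
        "fixed_legit": verify_key_fixed(conn, legit),         # 'tenant-a'
        "fixed_bypass": verify_key_fixed(conn, bypass),       # None
        "fixed_exfil": verify_key_fixed(conn, exfil),         # None
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The UNION payload works because the injected text lands in a statement that already returns one column, so a single-column subquery against another table folds straight into the result the key check consults; in a real deployment that other table is where the gateway keeps the per-provider secrets the advisory warns about. The fix is not escaping but binding: with a placeholder, the token is sent to the database as data and never re-parsed.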

CVEs: 1 · CVSS score: 9.3 · Class: SQLi · Access required: Pre-auth
