Home / Security updates / LiteLLM Supply Chain Vulnerability
LiteLLM Supply Chain Vulnerability
Security updates detail rendered from /security-updates/upd_0db48503bb26d525.
Overview
| ID | upd_0db48503bb26d525 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Culture Amp |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_0db48503bb26d525 |
| providerId | safebase |
| organizationId | org_6fce154265b5f92c |
| trustCenterId | tc_ab799417e6db075e |
| title | LiteLLM Supply Chain Vulnerability |
| message | At Culture Amp, the security of our platform and the protection of our customers' data are our highest priorities. We are aware of the recent supply chain attack involving LiteLLM (specifically versions 1.82.7 and 1.82.8) and have completed a comprehensive internal review of our systems. Our Findings: Following a thorough investigation by our security team, we can confirm the following: - No Exposure to Compromised Versions: While Culture Amp uses LiteLLM within our environment, the specific compromised versions (1.82.7 and 1.82.8) were never present in any of our development, build, CI/CD, hosting, or production environments. - Data and Credential Integrity: Because the affected versions were never deployed, there was no risk to or impact on our stored credentials, API keys, cloud secrets, or sensitive configuration data. - No Indicators of Compromise (IoC): We have performed a full review of all known IoCs associated with this supply chain attack. Our monitoring and logs show no s |
| url | - |
| publishedAt | 2026-03-27 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_6fce154265b5f92c",
"name": "Culture Amp",
"domains": [
"security.cultureamp.com",
"cultureamp.com"
]
} |
| trust_center | {
"id": "tc_ab799417e6db075e",
"name": "Culture Amp",
"url": "https://security.cultureamp.com",
"host": "security.cultureamp.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_0db48503bb26d525",
"company": "/v1/companies/org_6fce154265b5f92c",
"trust_center": "/v1/trust-centers/tc_ab799417e6db075e",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_0db48503bb26d525JSON