At Escape, we routinely test the AI infrastructure that teams deploy inside their cloud environments.
LLM gateways, RAG pipelines, model proxies: these are services that make outbound HTTP requests by design, which makes them natural targets for SSRF.
When we looked at LiteLLM, we found three confirmed SSRF sinks, a
