Update Starlette Now. New severe vulnerability dropped.

badhost.org

cross-posted to:
lobsters@lemmy.bestiver.se
hackernews@lemmy.bestiver.se

Update Starlette Now. New severe vulnerability dropped.

badhost.org

botM to netsecEnglish · 15 days ago

cross-posted to:
lobsters@lemmy.bestiver.se
hackernews@lemmy.bestiver.se

BadHost - CVE-2026-48710 Starlette Host-Header Auth Bypass

badhost.org

Scan your Starlette or FastAPI server for CVE-2026-48710 (BadHost): a critical auth bypass via Host header injection affecting MCP servers, LLM proxies, AI agent frameworks, and thousands of Python ASGI applications.

You must log in or # to comment.

Chat