Skip to main content
Scour
Discover
Docs
Login
Sign Up
Discover
About
Docs
Changelog
You are offline. Trying to reconnect...
Copied to clipboard
Unable to share or copy to clipboard
Back to article
badhost.org
3w
3 weeks ago
CVE-2026-48710 Starlette Host-Header Auth Bypass
(opens in new tab)
Covered by
11 sources
See all sources covering this story
including
DEV Community
,
infoworld.com
Discussed on
Lobsters
Love
Like
Not for me
Save
|
|
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Covered in 11 articles
DEV Community
·
2w
2 weeks ago
CVE-2026-48710: CVE-2026-48710: Starlette BadHost HTTP Host-Header Path-Poisoning and Authentication Bypass
Discussed on
DEV
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for CVE-2026-48710: CVE-2026-48710: Starlette BadHost HTTP Host-Header Path-Poisoning and Authentication Bypass
infoworld.com
·
3w
3 weeks ago
FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework
InfoQ
·
2w
2 weeks ago
BadHost Vulnerability Exposes AI Agents, Evaluators, and LLM Gateways
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for BadHost Vulnerability Exposes AI Agents, Evaluators, and LLM Gateways
secwest.net
·
3w
3 weeks ago
BadHost: One Char Bypasses Host-Based Security Across the Python AI Stack
Discussed on
Hacker News
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for BadHost: One Char Bypasses Host-Based Security Across the Python AI Stack
csoonline.com
·
3w
3 weeks ago
FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework
ostif.org
·
3w
3 weeks ago
Disclosing the BADHOST Vulnerability in Starlette
Discussed on
Hacker News
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Disclosing the BADHOST Vulnerability in Starlette
marcelotryle.com
·
3w
3 weeks ago
CVE-2026-48710: A Maintainer's Perspective
Discussed on
Hacker News
,
Lobsters
, and
r/Python
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for CVE-2026-48710: A Maintainer's Perspective
indiehacker.news
·
3w
3 weeks ago
#057 - Anthropic hits $30B ARR, DuckDuckGo jumps 28%, and one Host header bypasses every FastAPI MCP
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for #057 - Anthropic hits $30B ARR, DuckDuckGo jumps 28%, and one Host header bypasses every FastAPI MCP
Metacurity
·
3w
3 weeks ago
Centcom: US war zone troops were targeted through commercial location data
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Centcom: US war zone troops were targeted through commercial location data
news.risky.biz
·
3w
3 weeks ago
Risky Bulletin: BadHost vulnerability bypasses authentication on AI infrastructure
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Risky Bulletin: BadHost vulnerability bypasses authentication on AI infrastructure
In other languages
Nyheter
·
3w
3 weeks ago
Miljoner AI-agenter påverkas av ny kritisk sårbarhet
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Miljoner AI-agenter påverkas av ny kritisk sårbarhet
Keyboard Shortcuts
Navigation
Next / previous post
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Discover
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help
Like
Save
Not for me
Report