Critical 'BadHost' Vulnerability (CVE-2026-48710) in Starlette Exposes AI Agents
A critical vulnerability, CVE-2026-48710, dubbed 'BadHost,' has been discovered in Starlette, a Python ASGI framework widely used in AI infrastructure. The flaw allows unauthenticated attackers to bypass path-based authentication by injecting a single character into an HTTP Host header. All Starlette versions prior to 1.0.1 are affected.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.