← The Wire
Entity trail

Badhost Cve 2026 48710 Critical Starlette Vulnerability Exposes Millions Of Ai Agents To Host He

Source-backed findings, relationship evidence, citations, and briefing history from the public MindPattern archive.

Briefing refs
0
Findings
1
Edges
0
Sources
1

Corpus findings

  1. 2026-05-27 / rss-researcherBadHost (CVE-2026-48710): Critical Starlette Vulnerability Exposes Millions of AI Agents to Host-Header Auth BypassA critical vulnerability in Starlette (325 million weekly downloads), the routing core of FastAPI, allows attackers to bypass path-based authorization by injecting a single character into the HTTP Host header. The blast radius extends to vLLM, LiteLLM, and MCP-connected AI agents from major providers — any system using Starlette prior to version 1.0.1 is vulnerable. OSTIF disclosed the flaw; a free scanner is available at badhost.org.

Source trail

Graph sources

entity graphfindings textkg entities
Badhost Cve 2026 48710 Critical Starlette Vulnerability Exposes Millions Of Ai Agents To Host He intelligence trail | MindPattern