Hacker News

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass

https://badhost.org/

#HackerNews #BadHost #CVE-2026-48710 #Starlette #Security #Vulnerability #Auth #Bypass

BadHost - CVE-2026-48710 Starlette Host-Header Auth Bypass

Scan your Starlette or FastAPI server for CVE-2026-48710 (BadHost): a critical auth bypass via Host header injection affecting MCP servers, LLM proxies, AI agent frameworks, and thousands of Python ASGI applications.

CVE-2026-48710 - Nemesis - BadHost
May 27 at 7:14amHacker News Top 15