Starlette BadHost Vulnerability: Host Header Manipulation Bypassing Auth (CVE-2026-48710)

Vulnerability Overview Vulnerability Name: BadHost CVE ID: CVE-2026-48710 Other Identifiers: X41-2026-002 / GHSA-866w-5c6f-x5gm / PYSEC-2026-181 Discoverer: X41 D-Sec Auditor: OSTIF Scanning & Automation: Nemesis Severity: Critical Description: Starlette < 1.0.1 does not sanitize the Host header when deriving the request URL, allowing attackers to forge the request URL path and bypass path-based authentication middleware. Impact Scope Affected Projects: Thousands of FastAPI and Starlette applications, including vLLM, LibLLM, MCP servers, and AI agent frameworks. Remediation How to Fix: The page provides a "How to Fix" link, but the specific remediation steps are not shown in the screenshot. Additional Information: The page offers detailed information about the vulnerability, including answers to questions such as "What is BadHost / CVE-2026-48710?", "Which projects are affected?", and "About AI infrastructure (LLM agents, agent frameworks)." POC or Exploit Code No specific POC or exploit code is provided on the page. Additional Information AI Infrastructure Scanning: The page provides a tool for automatically discovering MCP endpoints and common inference API paths, suitable for scanning AI infrastructure. Collaboration: The discovery of this vulnerability is related to the collaboration between X41 D-Sec, OSTIF, Nemesis, and 3INTECH. Summary BadHost is a critical severity vulnerability affecting FastAPI and Starlette applications using Starlette < 1.0.1, particularly those related to AI infrastructure. The specific steps for remediation are not shown in the screenshot, but the page provides detailed vulnerability information and answers to related questions.

Goal Reached Thanks to every supporter — we hit 100%!

Starlette BadHost Vulnerability: Host Header Manipulation Bypassing Auth (CVE-2026-48710)