A critical vulnerability (CVE-2026-48710) in the Starlette open-source framework, which receives 325 million weekly downloads, exposes millions of AI agents and tools to potential breaches. The flaw, dubbed BadHost, allows attackers to bypass path-based authorization through HTTP Host header manipulation, potentially compromising sensitive credentials stored in MCP servers used by AI agents. The vulnerability affects numerous widely-used packages including FastAPI, vLLM, and LiteLLM, with a patch available in Starlette version 1.0.1.
Background
Starlette is a widely-used ASGI framework that serves as the foundation for many Python web applications and AI tools, including FastAPI. The framework's popularity in AI development makes this vulnerability particularly concerning for the security of AI agent ecosystems.
- Source
- Ars Technica
- Published
- May 27, 2026 at 03:50 AM
- Score
- 8.0 / 10