Get the latest tech news

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass

Scan your Starlette or FastAPI server for CVE-2026-48710 (BadHost): a critical auth bypass via Host header injection affecting MCP servers, LLM proxies, AI agent frameworks, and thousands of Python ASGI applications.

None

Get the Android app

Or read this on Hacker News

Related news:

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

Dead.Letter (CVE-2026-45185) – How XBOW found an unauthenticated RCE on Exim

"Dirty Frag" (CVE-2026-43284): The Second Linux Root Exploit in Eight Days

« What Gets Kept

The Melancholy of Slaying Monsters »