All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

ylk

1 article on Hacker News: Front Page

All feeds
Hacker News

Appears on

Hacker News

Hacker News: Front Page

Articles1

CVE-2026-48710 (BadHost): Critical Starlette Host-Header Auth Bypass Vulnerability Affects FastAPI and Python ASGI Applications

A critical security vulnerability (CVE-2026-48710, dubbed "BadHost") has been discovered in Starlette web framework versions prior to 1.0.1, affecting FastAPI applications as well. The vulnerability allows authentication bypass via Host header injection, impacting Python ASGI applications including MCP servers, LLM proxies, and AI agent frameworks. Applicati

News
badhost.org6d ago