Worrying open-source security issue 'BadHost' could affect millions of AI agents, experts warn
A serious security vulnerability known as 'BadHost' has been identified in the open-source Python web framework Starlette, potentially affecting millions of AI agents. Researchers warn that the severity of this flaw, which allows attackers to bypass security checks and exfiltrate sensitive data, is understated. The issue has been patched, but many vulnerable versions remain in use, necessitating immediate upgrades and scans.
- The vulnerability is tracked as CVE-2026-48710 and has a severity score of 7/10.
- Starlette is widely used in frameworks like FastAPI and receives around 325 million downloads weekly.
- The flaw allows attackers to exploit malformed Host headers to access sensitive data from various sectors, including biopharma and IoT.
Opening excerpt (first ~120 words):
News by Sead Fadilpašić, published 27 May 2026. The risk is "materially understated", researchers are saying.
- Secwest discloses CVE-2026-48710 (“BadHost”), a high-severity flaw in Starlette that lets attackers abuse malformed Host headers to bypass security checks and exfiltrate sensitive data
- Starlette underpins frameworks like FastAPI and is widely…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.