
A vulnerability in Starlette, the Python framework behind FastAPI, allows unauthenticated attackers to bypass host-validation protections using malformed Host headers. The flaw, CVE-2026-48710, can be exploited without a password or any action from a victim. Starlette rebuilds the incoming request URL by combining the Host header with the requested path, then parses the whole URL and its component parts using different rules. Certain characters in the Host header, including slash, question mark, or hash, shift where the path begins, causing the path Starlette reports to differ from the path the server actually received. Routing uses the real path, while middleware and endpoints may read the altered path, enabling sensitive-route restrictions to be bypassed. A patch was released via an official GitHub security advisory, and a testing site (badhost.org) was created.
"A single malformed character in a web request can let an unauthenticated attacker slip past the access controls that guard applications built on Starlette, the open-source Python framework that powers FastAPI, researchers said. The flaw, tracked as CVE-2026-48710, could allow attackers to bypass host-validation protections using malformed Host headers, according to an advisory from cybersecurity firm X41 D-Sec. The attacker needs no password and no action from a victim, it said."
"The flaw lies in how Starlette rebuilds the address of an incoming request, according to X41 D-Sec. The framework joins the Host header sent by the client to the path that was requested to form a complete URL, but parses the whole and the parts for validity using different rules. A Host header containing a slash, question mark or hash character shifts where the path begins, the researchers said, so the path Starlette reports no longer matches the one the server actually received."
"That gap is where the risk lies, according to the firm. Starlette routes the request to the real path, but middleware and endpoints read the altered one. An application that restricts sensitive routes by checking the path it sees can let an attacker bypass those restrictions, the firm said. Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers and agent infrastructure."
"Starlette's maintainer released a patch through an official GitHub security advisory after X41 D-Sec disclosed the vulnerability in coordination with the Open Source Technology Improvement Fund (OSTIF). They found the flaw during an unrelated source-code audit, and traced it to Starlette rather than the application under review. "This bug is a classic 'responsibility gap' where if this maintainer didn't patch, thousands of exposed projects would have to individually secure their projects," OSTIF said. The researchers have created a website, badhost.org, that can test websites for the vulnerability."
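The parsing mismatch described above can be reproduced and, more importantly, checked for, with a few lines of standard-library Python. The example below is added here as an illustration and is not Starlette's code nor the researchers' test site; it assumes a framework that reconstructs the URL as `scheme://host + path` and then parses it with `urllib.parse.urlsplit`, and it uses constructed sample requests. It shows why a Host header containing `/`, `?` or `#` moves the path boundary, and it demonstrates the two defensive checks a practitioner would want: reject Host headers that violate the RFC 3986 host[:port] grammar at the edge, and make authorization decisions on the raw path the server received rather than on a reconstructed one.

```python
import re
from urllib.parse import urlsplit

# Approximation of the RFC 3986 "host [ ":" port ]" grammar: an IP-literal in
# brackets or a reg-name made of unreserved / sub-delims / pct-encoded bytes,
# optionally followed by a numeric port. Slash, question mark and hash are not
# members of either set, so any Host header carrying them is rejected.
HOST_RE = re.compile(r"^(\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9._~%!$&'()*+,;=-]+)(:[0-9]*)?$")


def host_header_is_valid(host: str) -> bool:
    """Return True only if the Host header is a well-formed host[:port]."""
    return HOST_RE.fullmatch(host) is not None


def reconstruct_path(host: str, raw_path: str, scheme: str = "http") -> str:
    """Mimic the join-then-parse pattern the advisory describes (assumed, not
    Starlette's implementation): build scheme://host<path> and let urlsplit
    decide where the authority ends and the path begins."""
    return urlsplit(f"{scheme}://{host}{raw_path}").path


def path_mismatch(host: str, raw_path: str) -> bool:
    """True when the reconstructed path no longer equals what the server got."""
    return reconstruct_path(host, raw_path) != raw_path


def gate(headers: dict, raw_path: str) -> tuple[int, str]:
    """Defensive request gate: validate Host first, then authorize on the raw
    path (the one routing uses), never on a path derived from the Host header."""
    host = headers.get("host", "")
    if not host_header_is_valid(host):
        return 400, "malformed Host header"
    if raw_path.startswith("/admin"):
        return 403, "forbidden"
    return 200, "ok"


def audit(requests: list[tuple[str, str]]) -> list[tuple[str, str, str]]:
    """Report (host, raw_path, reconstructed_path) for every request whose
    reconstructed path disagrees with the raw one. Useful over access logs."""
    return [
        (host, path, reconstruct_path(host, path))
        for host, path in requests
        if path_mismatch(host, path)
    ]


# Constructed sample requests: one benign, three with path-shifting characters.
SAMPLE_REQUESTS = [
    ("api.example.com", "/admin"),
    ("api.example.com/x", "/admin"),   # '/' pulls "/x" into the path
    ("api.example.com?", "/admin"),    # '?' turns the path into a query string
    ("api.example.com#", "/admin"),    # '#' turns the path into a fragment
]

if __name__ == "__main__":
    for host, path, seen in audit(SAMPLE_REQUESTS):
        print(f"Host={host!r} raw_path={path!r} reconstructed_path={seen!r}")
    for host, path in SAMPLE_REQUESTS:
        print(host, path, gate({"host": host}, path))
```

Running the script lists the three mismatching requests and shows that the gate answers 400 for each of them before any path-based rule is consulted, while the benign `/admin` request is still refused with 403 because the check reads the raw path. Validating the Host header against an allow-list of expected hostnames, as host-validation middleware normally does, remains necessary; the grammar check here is the extra layer that catches the malformed-but-prefixed values the advisory is about.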
Read at InfoWorld