#access-control-bypass

[ follow ]
#starlette #fastapi #cve-2026-48710 #web-request-validation #teamviewer #cve-2026-23572 #patch-15745
Information security
fromInfoWorld
2 days ago

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

A malformed Host header can bypass Starlette host-validation, letting unauthenticated attackers evade access controls across LLM gateways, MCP servers, and agent infrastructure.
Information security
fromTechzine Global
3 months ago

Security vulnerability in TeamViewer bypassed permission checks

TeamViewer patched a high-risk access-control bypass (CVE-2026-23572) that allowed authenticated users to gain system access without local approval; update to 15.74.5+ immediately.
[ Load more ]