Cybersecurity experts have discovered a serious BadHost vulnerability in the popular Python framework Starlette, which could jeopardize the operation of millions of servers and artificial intelligence tools worldwide.
This is reported by Business • Media
Which Systems Are at Risk
The vulnerability identified as CVE-2026-48710 affects all versions of Starlette up to 1.0.1. Starlette is widely used as a foundation for FastAPI and other solutions applied in the development of AI services. According to the developers, this framework is downloaded over 325 million times a week.
The issue affects not only FastAPI but also solutions such as vLLM, LiteLLM, Text Generation Inference, OpenAI proxies, and MCP servers that provide AI agents access to external services and databases.
“Researchers have warned about the risk of credential theft, SSRF attacks, and remote code execution.”
According to findings from the Secwest and X41 D-Sec teams, the vulnerability allows attackers to bypass authorization systems, forge server-side requests (SSRF attacks), and even execute arbitrary code on affected servers. Particularly alarming is the fact that most of these servers hold SSH keys, AWS credentials, email data, calendars, internal documentation, and other confidential information.

Causes and Consequences of BadHost
Experts explain that the vulnerability stems from errors in how Starlette handles the HTTP Host header. This lets an attacker introduce additional path components into a request through that header and thereby bypass authorization checks.
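The defensive pattern implied by that explanation is to validate the Host header against an explicit allowlist and to reject, rather than clean up, any value that carries URL structure beyond a bare host and port. The following is an added illustration written for this article; it is not Starlette's own code, not the fix shipped by the project, and not code from the Secwest or X41 D-Sec researchers. It assumes a deployment that only ever answers for the constructed hostnames "api.example.internal" and "localhost", uses a small pure-ASGI middleware so it runs without Starlette installed, and only handles DNS names and IPv4 hosts (bracketed IPv6 literals are left out of scope).

```python
"""Host-header allowlisting, written as an illustration for this article.

Not Starlette's code and not the project's fix. The allowlist, the sample
header values and the ASGI scope below are all constructed for the example.
"""
from __future__ import annotations

import asyncio
import re
from typing import Optional

# Hostnames this deployment legitimately serves (constructed allowlist).
ALLOWED_HOSTS = frozenset({"api.example.internal", "localhost"})

# Bare host[:port] only: letters, digits, dots and hyphens, optional numeric
# port. A '/', '@', '?', '#' or scheme can never match, so a value that
# smuggles a path or userinfo into Host is refused instead of normalised.
_HOST_RE = re.compile(r"(?P<host>[A-Za-z0-9.-]{1,253})(?::(?P<port>\d{1,5}))?")


def is_trusted_host(raw_host: str, allowed: frozenset = ALLOWED_HOSTS) -> bool:
    """True only if raw_host is a syntactically plain host[:port] on the allowlist."""
    m = _HOST_RE.fullmatch(raw_host or "")
    if m is None:
        return False
    # Case-fold and drop a trailing dot so 'API.EXAMPLE.INTERNAL.' still compares.
    host = m.group("host").lower().rstrip(".")
    port = m.group("port")
    if port is not None and not 0 < int(port) < 65536:
        return False
    return host in allowed


def reject_reason(raw_host: str, allowed: frozenset = ALLOWED_HOSTS) -> Optional[str]:
    """Classify why a Host value was refused (None when accepted).

    The label is meant for logging: a burst of 'path' or 'userinfo' rejections
    is a detection signal, while 'not-allowlisted' is usually a misconfiguration.
    """
    if is_trusted_host(raw_host, allowed):
        return None
    if not raw_host:
        return "missing"
    if "://" in raw_host:
        return "scheme"
    if "@" in raw_host:
        return "userinfo"
    if "/" in raw_host:
        return "path"
    if "?" in raw_host or "#" in raw_host:
        return "query-or-fragment"
    m = _HOST_RE.fullmatch(raw_host)
    if m is None:
        return "bad-characters"
    if m.group("port") is not None and not 0 < int(m.group("port")) < 65536:
        return "bad-port"
    return "not-allowlisted"


class HostAllowlistMiddleware:
    """Minimal pure-ASGI middleware (no Starlette import) that answers 400
    before the wrapped app ever sees a request with an untrusted Host."""

    def __init__(self, app, allowed: frozenset = ALLOWED_HOSTS):
        self.app = app
        self.allowed = allowed

    async def __call__(self, scope, receive, send):
        if scope["type"] != "http":
            await self.app(scope, receive, send)
            return
        # ASGI delivers header names lower-cased as bytes.
        raw = next((v.decode("latin-1") for k, v in scope.get("headers", []) if k == b"host"), "")
        if not is_trusted_host(raw, self.allowed):
            await send({"type": "http.response.start", "status": 400,
                        "headers": [(b"content-type", b"text/plain")]})
            await send({"type": "http.response.body", "body": b"Invalid Host header"})
            return
        await self.app(scope, receive, send)


def simulate(raw_host: str) -> int:
    """Drive the middleware with a constructed ASGI scope; return the HTTP status."""
    sent = []

    async def inner_app(scope, receive, send):
        await send({"type": "http.response.start", "status": 200, "headers": []})
        await send({"type": "http.response.body", "body": b"ok"})

    async def send(message):
        sent.append(message)

    async def receive():
        return {"type": "http.request", "body": b"", "more_body": False}

    scope = {"type": "http", "method": "GET", "path": "/",
             "headers": [(b"host", raw_host.encode("latin-1"))]}
    asyncio.run(HostAllowlistMiddleware(inner_app)(scope, receive, send))
    return sent[0]["status"]


if __name__ == "__main__":
    # Constructed sample Host values, not captured traffic.
    for sample in ["api.example.internal", "API.EXAMPLE.INTERNAL:8443",
                   "api.example.internal/admin", "evil.example@api.example.internal",
                   "http://api.example.internal", "attacker.example"]:
        print(f"{sample!r:45} -> {simulate(sample)} ({reject_reason(sample) or 'accepted'})")
```

The point of refusing rather than sanitising is that every later layer (routing, authorization, URL building) then sees exactly the value that was checked; a "cleaned" Host can diverge from what the authorization layer compared against. Wiring this check in front of the application is a stopgap for monitoring and containment, not a substitute for updating to a fixed Starlette release.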
Although the official severity rating of the vulnerability is 7 out of 10, Secwest experts are convinced that the actual risks are significantly higher. During scanning, researchers from X41 D-Sec identified potentially vulnerable systems in the fields of biopharmaceuticals, HR, SaaS, cybersecurity, IoT, and cloud services.
Experts strongly advise all users of FastAPI, vLLM, LiteLLM, and other Starlette-based tools to check their infrastructures as soon as possible and update their software to secure versions.