[SECURITY]■ STORY TIMELINE

STARLETTE HOST-HEADER AUTH BYPASS DISCLOSED

A critical authentication bypass vulnerability (CVE-2026-48710) affects Starlette, a popular Python web framework. The flaw allows attackers to bypass host-header validation through crafted requests.

1 SOURCEFIRST SEEN MAY 26, 09:07 AM► READ THE ARTICLE

Hacker News+0m

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass

https://arstechnica.com/information-technology/2026/05/milli... Comments URL: https://news.ycombinator.com/item?id=48277…

◄ BACK TO ARTICLE