BadHost – CVE-2026-48710 Starlette Host-Header Auth Bypass (mcp-scan.nemesis.services)

🤖 AI Summary
A significant security vulnerability, identified as CVE-2026-48710, has been discovered in the FastAPI and Starlette frameworks. It allows attackers to bypass authentication in thousands of applications, including popular AI and LLM servers such as vLLM and LiteLLM. The flaw stems from the handling of the Host header: when that header is used in constructing request.url, unauthorized users can forge access to protected API endpoints. Specifically, these frameworks relied on an inherently fragile method of determining the request path from the Host header, which makes path-based authentication middleware exploitable. This is particularly consequential for the AI/ML community, since many machine learning inference servers and AI frameworks are built on FastAPI or Starlette, putting sensitive assets at risk, including API keys and model access. Because the issue is not confined to a single codebase, it reveals a structural weakness that spans several technology layers: ASGI servers, Starlette, and middleware configurations. Security researchers caution that applications using custom BaseHTTPMiddleware or raw ASGI middleware should be thoroughly tested, while FastAPI's built-in security features remain safe. To mitigate the risk, developers are encouraged to front their applications with RFC-compliant reverse proxies and to review their middleware implementations carefully against the guidelines published in the X41 open-source repository, which also offers tools for vulnerability scanning.