Executive Summary
A critical authentication bypass vulnerability, designated CVE-2026-48710 and nicknamed "BadHost", has been disclosed in the Starlette web framework. New primary sources now clarify the exploit condition: Starlette versions before 1.0.1 reconstruct request.url from the raw HTTP Host header, while routing still uses the real ASGI path. Middleware that authorizes based on request.url.path can therefore see an attacker-controlled path that differs from the route actually executed OSTIF opens in a new tab Tenable opens in a new tab.
The highest-risk deployments are not every Starlette application equally. Prioritize FastAPI, Starlette, vLLM, LiteLLM, MCP gateways, OpenAI-compatible proxies, and internal AI/agent services that run directly on ASGI servers or use middleware to gate /admin, /v1/models, /mcp, /internal, /metrics, or tool-execution endpoints BadHost opens in a new tab OSTIF opens in a new tab. This article provides an impact determination and a Python audit script to identify vulnerable dependencies and Host-header exploit attempts.