devtake.dev — #cve-2026-48710Articles tagged cve-2026-48710 on devtake.dev.https://devtake.dev/en-usOne bad Host header bypassed auth in Starlette, the routing core under millions of AI agentshttps://devtake.dev/article/ai-agents-package-rce-vulnerability/https://devtake.dev/article/ai-agents-package-rce-vulnerability/A flaw in Starlette, downloaded 325M times a week, let a single Host-header character bypass path-based auth across FastAPI, vLLM, and MCP servers.Mon, 08 Jun 2026 10:00:00 GMTsecuritysecuritysupply-chainai-agentsmcpcve-2026-48710pythonfastapiluca-reinhardt