PT-2026-43329 · Litellm+3 · Litellm+3
Ehhthing
+2
·
Published
2026-01-27
·
Updated
2026-07-04
·
CVE-2026-48710
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Starlette versions prior to 1.0.1
Description
Starlette, a lightweight ASGI (Asynchronous Server Gateway Interface) framework, fails to validate the HTTP
Host request header before using it to reconstruct the request.url. While the routing algorithm uses the raw HTTP path, the request.url is rebuilt using the Host header. An attacker can send a specially crafted Host header containing characters such as /, ?, or # to manipulate the path boundaries during re-parsing. This creates a discrepancy where request.url.path differs from the actual requested path. Consequently, security restrictions, such as path-based authentication middleware, that rely on request.url instead of the raw scope path can be bypassed, potentially allowing unauthorized access to protected endpoints or remote code execution through trusted intermediaries in AI infrastructure like MCP gateways.Recommendations
Upgrade to version 1.0.1 or later.
As a temporary workaround, replace the use of
request.url.path with scope["path"] in middleware.
Deploy a reverse proxy that validates or normalizes Host headers before they reach the application.
Move authentication logic from path-based middleware to FastAPI's Depends() function.Exploit
Fix
RCE
DoS
HTTP Request/Response Smuggling
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Fastapi
Litellm
Starlette
Vllm