A critical vulnerability tracked as CVE-2026-48710, dubbed 'BadHost,' was disclosed in Starlette (versions before 1.0.1), a foundational framework used by FastAPI-based AI infrastructure. The flaw allows attackers to bypass authentication by injecting malicious values into the HTTP Host header, causing middleware to misroute requests and grant unauthorized access to protected API endpoints. Affected platforms explicitly include Google ADK-Python (Gemini's agent development framework) when custom middleware is in use, as well as LLM inference servers, MCP gateways, and AI agent orchestration backends. Successful exploitation can expose LLM endpoints, API keys, internal agent tooling, and AI compute resources without authorization. The vulnerability was discovered by X41 D-Sec during an OSTIF-sponsored audit. Mitigation requires upgrading Starlette to version 1.0.1 or later and avoiding reliance on request.url.path for security decisions in middleware.
// Alert
Gemini threat report
// GeminiHIGH
// Get alerts for Gemini