Copyright © 2012 Red Hat, Inc. All rights reserved. Critical 2026-05-26T21:54:54 starlette: Starlette: Security restriction bypass via malformed HTTP Host header 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CWE-1289

A flaw was found in Starlette, a lightweight ASGI (Asynchronous Server Gateway Interface) framework. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP `Host` request header. This malformed header could cause the `request.url` to be incorrectly reconstructed, leading to a discrepancy with the actual requested path. Consequently, security restrictions enforced by middleware and endpoints that rely on `request.url` for validation could be bypassed, potentially allowing unauthorized access or actions.

The impact is rated as Critical because path-based authentication and access control middleware can be completely bypassed by an unauthenticated remote attacker using a crafted HTTP Host header. Starlette reconstructs `request.url` by combining the HTTP Host header value with the request path, but performs no validation on the Host header. An attacker can inject path separators or query characters into the Host header (e.g., `Host: example.com/health?x=`), causing `request.url.path` to return a value that differs from the actual HTTP `request path` used for routing. Middleware that enforces authentication or authorization decisions based on `request.url.path` will evaluate the injected path rather than the real one, allowing the attacker to reach protected endpoints. With regard to CVSS metrics, the Attack Vector (AV) is Network and Privileges Required (PR) is None, because the attack requires only the ability to send HTTP requests with a crafted Host header. User interaction is not required. Red Hat Satellite / Insights (IoP): The starlette package is included as a dependency of Connexion, but this flaw is rated Low impact because these services do not use path-based authentication middleware and all services are deployed behind reverse proxies. OpenShift Lightspeed (OLS): The starlette package is included as a dependency, but this flaw is rated Low impact because authentication is enforced via Kubernetes TokenReview/SubjectAccessReview through FastAPI dependency injection, not path-based middleware; request.url.path is only used for metrics and response header application. Deploying an RFC-compliant reverse proxy (such as nginx, Apache, HAProxy, or Caddy) in front of the ASGI server will reject malformed Host headers before they reach the application. This is the most straightforward mitigation that does not require code changes. If custom middleware is present, it should be updated to use `request.scope["path"]` instead of `request.url.path` for any security decisions. The ASGI scope path is derived from the HTTP request line and is not influenced by the Host header, so it reflects the actual request target. Exploit Intelligence Affected exploit-intelligence-tech-preview/vulnerability-analysis-rhel9 Migration Toolkit for Applications 8 Affected mta/mta-solution-server-rhel9 OpenShift Lightspeed Affected openshift-lightspeed/lightspeed-ocp-rag-rhel9 OpenShift Lightspeed Affected openshift-lightspeed/lightspeed-service-api-rhel9 Red Hat AI Inference Server Affected rhaiis/vllm-cpu-rhel9 Red Hat AI Inference Server Affected rhaiis/vllm-cuda-rhel9 Red Hat AI Inference Server Will not fix rhaiis/vllm-neuron-rhel9 Red Hat AI Inference Server Affected rhaiis/vllm-rocm-rhel9 Red Hat AI Inference Server Affected rhaiis/vllm-spyre-rhel9 Red Hat AI Inference Server Affected rhaiis/vllm-tpu-rhel9 Red Hat AI Inference Server Affected rhaii/vllm-cpu-rhel9 Red Hat AI Inference Server Affected rhaii/vllm-cuda-rhel9 Red Hat AI Inference Server Will not fix rhaii/vllm-gaudi-rhel9 Red Hat AI Inference Server Will not fix rhaii/vllm-neuron-rhel9 Red Hat AI Inference Server Affected rhaii/vllm-rocm-rhel9 Red Hat AI Inference Server Affected rhaii/vllm-spyre-rhel9 Red Hat AI Inference Server Will not fix rhaii/vllm-tpu-rhel9 Red Hat Ansible Automation Platform 2 Not affected ansible-automation-platform-25/lightspeed-chatbot-rhel8 Red Hat Ansible Automation Platform 2 Affected ansible-automation-platform-26/lightspeed-chatbot-rhel9 Red Hat Ansible Automation Platform 2 Not affected ansible-automation-platform-26/mcp-tools-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-aws-cuda-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-azure-cuda-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-azure-rocm-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-cuda-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-gaudi-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-gcp-cuda-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-rocm-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/disk-image-cuda-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-automl-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-built-in-detector-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-caikit-nlp-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-caikit-tgis-serving-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-feature-server-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-guardrails-detector-huggingface-runtime-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-kserve-agent-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-kserve-autogluon-server-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-kserve-controller-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-kserve-router-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-kserve-storage-initializer-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-llama-stack-core-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-llm-d-kv-cache-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-mlflow-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-mlserver-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-th06-cpu-torch210-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-th06-cuda130-torch210-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-th06-rocm64-torch291-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-training-cuda128-torch29-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-trustyai-garak-lls-provider-dsp-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-trustyai-nemo-guardrails-server-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-vllm-cuda-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-vllm-gaudi-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-vllm-rocm-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9 Red Hat OpenShift AI (RHOAI) Affected rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9 Red Hat Satellite 6 Affected satellite/foreman-mcp-server-rhel9 Red Hat Satellite 6 Affected satellite/iop-advisor-engine-rhel9 Red Hat Satellite 6 Affected satellite/iop-host-inventory-rhel9 Red Hat Satellite 6 Affected satellite/iop-vmaas-rhel9 Red Hat Satellite 6 Affected satellite/iop-vulnerability-engine-rhel9 https://www.cve.org/CVERecord?id=CVE-2026-48710 https://nvd.nist.gov/vuln/detail/CVE-2026-48710 https://badhost.org https://github.com/Kludex/starlette/commit/764dab0dcfb9033d75442d7a359645c9f94648c6 https://github.com/Kludex/starlette/security/advisories/GHSA-86qp-5c8j-p5mr https://github.com/pypa/advisory-database/tree/main/vulns/starlette/PYSEC-2026-161.yaml https://ostif.org/disclosing-the-badhost-vulnerability-in-starlette https://www.secwest.net/starlette https://www.x41-dsec.de/lab/advisories/x41-2026-002-starlette