Back to the feed

Devtools Open source

Starlette host-header vulnerability exposes auth bypass risk

Hacker News·2h·ylk

A critical CVE in Starlette's host validation lets attackers bypass authentication by manipulating the Host header—a common pitfall in web frameworks. If you're using Starlette for any auth-sensitive work, this is worth reviewing immediately, especially if you rely on host-based routing or checks.

Share𝕏 Reddit

Original story

Read the original on Hacker News

Related stories

Moltnet: self-hostable chat network built for agent-to-agent communication

AI

Moltnet: self-hostable chat network built for agent-to-agent communication

Hacker News Show HN·9m·apresmoi

Rare IBM System/360 archival footage surfaces on storage architecture

Open source

Rare IBM System/360 archival footage surfaces on storage architecture

Hacker News·9m·DaiPlusPlus

Mneme HQ lets you codify architectural rules directly in your repo for AI coding agents

AI

Mneme HQ lets you codify architectural rules directly in your repo for AI coding agents

Hacker News Show HN·9m·Tval

Claude Usage Tray puts Claude Code rate-limit status in your Windows system tray

AI

Claude Usage Tray puts Claude Code rate-limit status in your Windows system tray

Hacker News Show HN·9m·JosephZeng