BadHost - CVE-2026-48710 Starlette Host-Header Auth Bypass
news
mcp-scan.nemesis.services
IrregularChat: Full Stack Dev
May 27
BadHost (CVE-2026-48710), also tracked as X41-2026-002, GHSA-86qp-5c8j-p5mr, and PYSEC-2026-161, is a critical authentication bypass affecting Starlette and many FastAPI-based applications. The issue
BadHost - CVE-2026-48710 Starlette Host-Header Auth Bypass
news
mcp-scan.nemesis.services
IrregularChat: AI & Autonomy
May 27
BadHost (CVE-2026-48710), also tracked as X41-2026-002, GHSA-86qp-5c8j-p5mr, and PYSEC-2026-161, is a critical authentication bypass affecting Starlette and many FastAPI-based applications. The issue
Reverse proxy - Headscale
news
headscale.net
A+X0OOoCCmYECWcEkq9lplVwRIOdWkR36M6M6P6hKuI=
Dec 29
Running Headscale behind a reverse proxy is beneficial for managing multiple applications on a single server, typically utilizing the same external IP and port (commonly TCP/443 for HTTPS). It's cruci