Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-01T17:06:29.997901+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/4ffeca87-e3af-4048-8da5-7630cbce0e75/export 4ffeca87-e3af-4048-8da5-7630cbce0e75 2026-06-01T17:06:30.008474+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "4ffeca87-e3af-4048-8da5-7630cbce0e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48710", "type": "seen", "source": "https://bsky.app/profile/barredspirals.comint.su/post/3mmv4k56npckp", "content": "snake cultists just can't stop winning https://www.cyberkendra.com/2026/05/badhost-cve-2026-48710-one-rogue-header.html", "creation_timestamp": "2026-05-28T03:50:17.710705Z"} 2026-05-28T03:50:17.710705+00:00 https://vulnerability.circl.lu/sighting/c91e3dd0-c21a-4cc1-a543-10bd249af774/export c91e3dd0-c21a-4cc1-a543-10bd249af774 2026-06-01T17:06:30.008401+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c91e3dd0-c21a-4cc1-a543-10bd249af774", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48710", "type": "seen", "source": "https://bsky.app/profile/hackmag.com/post/3mmvagyksh22s", "content": "\ud83d\udfe2 BadHost vulnerability in the Starlette framework poses a threat to AI agents\n\n\ud83d\udde8\ufe0f Researchers are warning about a critical vulnerability, CVE-2026-48710, discovered in the open-source Starlette framewor\u2026\n\n#news", "creation_timestamp": "2026-05-28T05:00:04.988037Z"} 2026-05-28T05:00:04.988037+00:00 https://vulnerability.circl.lu/sighting/edfcdaac-d6f9-4657-9696-7f4fab19eb46/export edfcdaac-d6f9-4657-9696-7f4fab19eb46 2026-06-01T17:06:30.008329+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "edfcdaac-d6f9-4657-9696-7f4fab19eb46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48710", "type": "seen", "source": "https://t.me/GithubRedTeam/86224", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a BadHost-CVE-2026-48710-Exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Bhanunamikaze\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-28 09:59:49\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-28T10:00:04.000000Z"} 2026-05-28T10:00:04+00:00 https://vulnerability.circl.lu/sighting/db696083-5854-4010-9ab3-05a9275c8dcd/export db696083-5854-4010-9ab3-05a9275c8dcd 2026-06-01T17:06:30.008256+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "db696083-5854-4010-9ab3-05a9275c8dcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48710", "type": "seen", "source": "https://bsky.app/profile/news.karthihegde.dev/post/3mmz4cnayqv2u", "content": "CVE-2026-48710: A Maintainer's Perspective\nDiscussion | lobsters | Author: gi0baro", "creation_timestamp": "2026-05-29T17:56:42.587905Z"} 2026-05-29T17:56:42.587905+00:00 https://vulnerability.circl.lu/sighting/af0b9594-8e31-4da4-932a-d971eb0279fd/export af0b9594-8e31-4da4-932a-d971eb0279fd 2026-06-01T17:06:30.008183+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "af0b9594-8e31-4da4-932a-d971eb0279fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48710", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mmz4swfbr52b", "content": "\ud83d\udd12 CVE-2026-48710: A Maintainer's Perspective\n\nCVE-2026-48710 describes a Starlette vulnerability where manipulating the `Host` header can cause `request.url.path` to differ from the...\n\nhttps://tinyurl.com/zatfcn8k #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-05-29T18:05:48.740920Z"} 2026-05-29T18:05:48.740920+00:00 https://vulnerability.circl.lu/sighting/3b5d7360-4bf0-4c24-91db-66f39266ce4c/export 3b5d7360-4bf0-4c24-91db-66f39266ce4c 2026-06-01T17:06:30.008106+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3b5d7360-4bf0-4c24-91db-66f39266ce4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48710", "type": "seen", "source": "https://gist.github.com/ftnext/074404c5d80f15c7c37295f2b36e5516", "content": "# https://github.com/ftnext/fastapi-playground/blob/aeda2c2992f446a58bf43f176b31ad523d85715f/starlette-cve-2026-48710-badhost/run_fastapi_app.py\nfrom fastapi import FastAPI, Request\nfrom fastapi.responses import PlainTextResponse\nfrom fastapi.testclient import TestClient\n\napp = FastAPI()\n\n\n@app.middleware(\"http\")\nasync def auth_middleware(request: Request, call_next):\n print(f\"{request.url=}, {request.url.path=}\")\n if request.url.path == \"/\":\n return await call_next(request)\n return PlainTextResponse(\"Forbidden\\n\", status_code=403)\n\n\n@app.get(\"/\")\nasync def root():\n return PlainTextResponse(\"Hello, world\\n\")\n\n\n@app.get(\"/admin\")\nasync def admin():\n return PlainTextResponse(\"secret=123\\n\")\n\n\nclient = TestClient(app)\n\nres1 = client.get(\"/admin\", headers={\"Host\": \"foo\"})\nassert res1.status_code == 403, f\"{res1.text=}\"\nres2 = client.get(\"/admin\", headers={\"Host\": \"foo/?\"})\nassert res2.status_code == 403, f\"{res2.text=}\"\n", "creation_timestamp": "2026-05-30T13:26:41.000000Z"} 2026-05-30T13:26:41+00:00 https://vulnerability.circl.lu/sighting/56ba7423-78aa-45fb-af7c-4760e111e4d5/export 56ba7423-78aa-45fb-af7c-4760e111e4d5 2026-06-01T17:06:30.008025+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "56ba7423-78aa-45fb-af7c-4760e111e4d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48710", "type": "seen", "source": "https://gist.github.com/ftnext/5e100b157e57e68e4c1aee0f43da8593", "content": "# https://github.com/ftnext/fastapi-playground/blob/aeda2c2992f446a58bf43f176b31ad523d85715f/starlette-cve-2026-48710-badhost/run_starlette_app.py\nfrom starlette.applications import Starlette\nfrom starlette.middleware import Middleware\nfrom starlette.middleware.base import BaseHTTPMiddleware\nfrom starlette.responses import PlainTextResponse\nfrom starlette.routing import Route\nfrom starlette.testclient import TestClient\n\n\nclass AuthMiddleware(BaseHTTPMiddleware):\n async def dispatch(self, request, call_next):\n print(f\"{request.url=}, {request.url.path=}\")\n if request.url.path == \"/\":\n return await call_next(request)\n return PlainTextResponse(\"Forbidden\\n\", status_code=403)\n\n\nasync def root(request):\n return PlainTextResponse(\"Hello, world\\n\")\n\n\nasync def admin(request):\n return PlainTextResponse(\"secret=123\\n\")\n\n\nroutes = [\n Route(\"/\", endpoint=root),\n Route(\"/admin\", endpoint=admin),\n]\napp = Starlette(routes=routes, middleware=[Middleware(AuthMiddleware)])\n\nclient = TestClient(app)\n\nres1 = client.get(\"/admin\", headers={\"Host\": \"foo\"})\nassert res1.status_code == 403, f\"{res1.text=}\"\nres2 = client.get(\"/admin\", headers={\"Host\": \"foo/?\"})\nassert res2.status_code == 403, f\"{res2.text=}\"\n", "creation_timestamp": "2026-05-30T13:28:23.000000Z"} 2026-05-30T13:28:23+00:00 https://vulnerability.circl.lu/sighting/b2a75a7b-5e7e-4257-94fc-5fc1430a8af2/export b2a75a7b-5e7e-4257-94fc-5fc1430a8af2 2026-06-01T17:06:30.007919+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b2a75a7b-5e7e-4257-94fc-5fc1430a8af2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48710", "type": "seen", "source": "https://gist.github.com/ftnext/024e0a57b95821714e2c6081d3e6d533", "content": "# https://github.com/ftnext/fastapi-playground/blob/eb6dd9b7861ced2168a24d7c27647af0e4b5f175/starlette-cve-2026-48710-badhost/run_starlette_app.py\n# https://x41-dsec.de/lab/advisories/x41-2026-002-starlette/\nfrom starlette.applications import Starlette\nfrom starlette.middleware import Middleware\nfrom starlette.middleware.base import BaseHTTPMiddleware\nfrom starlette.responses import PlainTextResponse\nfrom starlette.routing import Route\nfrom starlette.testclient import TestClient\n\n\nclass AuthMiddleware(BaseHTTPMiddleware):\n async def dispatch(self, request, call_next):\n print(f\"{request.url=}, {request.url.path=}\")\n if request.url.path == \"\" or request.url.path == \"/\":\n return await call_next(request)\n return PlainTextResponse(\"Forbidden\\n\", status_code=403)\n\n\nasync def root(request):\n return PlainTextResponse(\"Hello, world\\n\")\n\n\nasync def admin(request):\n return PlainTextResponse(\"secret=123\\n\")\n\n\nroutes = [\n Route(\"/\", endpoint=root),\n Route(\"/admin\", endpoint=admin),\n]\napp = Starlette(routes=routes, middleware=[Middleware(AuthMiddleware)])\n\nclient = TestClient(app)\n\nres1 = client.get(\"/admin\", headers={\"Host\": \"foo\"})\nassert res1.status_code == 403, f\"{res1.text=}\"\nres2 = client.get(\"/admin\", headers={\"Host\": \"foo?\"})\nassert res2.status_code == 403, f\"{res2.text=}\"\n", "creation_timestamp": "2026-05-30T13:29:46.000000Z"} 2026-05-30T13:29:46+00:00 https://vulnerability.circl.lu/sighting/c43ee021-f484-49a8-a586-c204e8b77351/export c43ee021-f484-49a8-a586-c204e8b77351 2026-06-01T17:06:30.007808+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c43ee021-f484-49a8-a586-c204e8b77351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48710", "type": "seen", "source": "https://bsky.app/profile/spinscale.bsky.social/post/3mna4vsvu2r2t", "content": "CVE-2026-48710: A Maintainer's Perspective\n\nInteresting story about a CVE notification from a non-paid open source maintainer perspective, where the other side treated him more as a full time worker on the project.\n\nmarcelotryle.com/blog/2026/05...", "creation_timestamp": "2026-06-01T12:56:04.438942Z"} 2026-06-01T12:56:04.438942+00:00 https://vulnerability.circl.lu/sighting/278cd667-0af5-4d5e-810b-ee56d0872f6d/export 278cd667-0af5-4d5e-810b-ee56d0872f6d 2026-06-01T17:06:30.005911+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "278cd667-0af5-4d5e-810b-ee56d0872f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48710", "type": "seen", "source": "https://bsky.app/profile/foursignalsdev.bsky.social/post/3mnadtt3bpv2l", "content": "BadHost (CVE-2026-48710) bypasses Starlette auth via malformed Host headers. Affects 325M weekly downloads, exposing AI agents, LLM gateways, and MCP servers. Patch Starlette and enforce Host validation at edge.", "creation_timestamp": "2026-06-01T15:02:22.806416Z"} 2026-06-01T15:02:22.806416+00:00