週に3億回超ダウンロードされているオープンソースパッケージ「Starlette」の脆弱性により数百万のAIエージェントが危険にさらされる

世界中の数百万ものAIエージェントやツールが利用しているオープンソースフレームワーク「Starlette」には重大な脆弱(ぜいじゃく)性が存在すると、セキュリティ研究者のマルクス・ヴェルヴィエ氏が警告しています。
InfoWorld

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
Techzine Europe

Vulnerability in open-source component puts AI platforms at risk

A serious security vulnerability in a widely used open-source Python component could put a large number of AI agents ...

Worrying open-source security issue 'BadHost' could affect millions of AI agents

The risk is "materially understated", researchers are saying as passwords and critical data can be exfiltrated.

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...
InfoQ

FastAPI-MCP: Simplifying the Integration of FastAPI with AI Agents

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...