Known Vulnerabilities for Starlette by Encode
Listed below are 7 of the newest known vulnerabilities associated with "Starlette" by "Encode".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56076 json | PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attack... | Not Provided | 2026-06-18 | 2026-06-22 |
| CVE-2026-54283 json | Starlette is a lightweight ASGI framework/toolkit. From 0.4.1 until 1.3.1, request.form() accepts max_fields and max_part_siz... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-54282 json | Starlette is a lightweight ASGI framework/toolkit. Prior to 1.3.0, the HTTP request path is not validated before being used t... | Not Provided | 2026-06-22 | 2026-06-22 |
| CVE-2026-49468 json | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, a Host-header parsing ... | Not Provided | 2026-06-22 | 2026-07-08 |
| CVE-2026-48818 json | Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSR... | Not Provided | 2026-06-17 | 2026-06-30 |
| CVE-2026-48817 json | Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and below, when dispatching a request, HTTPEndpoint sele... | Not Provided | 2026-06-17 | 2026-06-18 |
| CVE-2026-48746 json | vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI we... | Not Provided | 2026-06-22 | 2026-07-07 |
| CVE-2026-48710 json | Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP `Host` request header was not validated b... | Not Provided | 2026-05-26 | 2026-07-10 |
| CVE-2026-45554 json | NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in... | Not Provided | 2026-06-02 | 2026-06-02 |
| CVE-2026-44716 json | Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. From version 0.... | Not Provided | 2026-06-10 | 2026-06-10 |