CSOonline

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI models before authentication is checked. Researchers have published details ...
CSOonline

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers and agent infrastructure. A single malformed character in a web request can ...
TechRadar

Worrying open-source security issue 'BadHost' could affect millions of AI agents, experts warn

Secwest discloses CVE‑2026‑48710 (“BadHost”), a high‑severity flaw in Starlette that lets attackers abuse malformed Host headers to bypass security checks and exfiltrate sensitive data Starlette ...
InfoQ

BadHost Vulnerability Exposes AI Agents, Evaluators, and LLM Gateways

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
GitHub

ID-based RAG FastAPI

This project integrates Langchain with FastAPI in an Asynchronous, Scalable manner, providing a framework for document indexing and retrieval, using PostgreSQL/pgvector. Files are organized into ...
IT-Online

Python Developer

About the RoleA well-established, data-driven organisation is seeking an experienced Python Developer to join its growing technical team. The successful candidate will play a key role in designing, ...
IT-Online

Python Developer – Gauteng Johannesburg North

About the RoleA well-established, data-driven organisation is seeking an experienced Python Developer to join its growing technical team. The successful candidate will play a key role in designing, ...