CVE-2026-48818: CWE-918: Server-Side Request Forgery (SSRF) in Kludex starlette
Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSRF. An UNC path such as \\attacker.com\share can cause os.path.realpath to initiate an outbound SMB connection before the path is rejected, exposing the service account’s NTLMv2 credentials for offline cracking or relay even though the HTTP response is only a 404. The issue affects default follow_symlink=False deployments, including frameworks built on Starlette such as FastAPI; POSIX systems and follow_symlink=True are unaffected. The issue is fixed in 1.1.0.
AI Analysis
Technical Summary
CVE-2026-48818 is a Server-Side Request Forgery vulnerability in the Starlette ASGI framework's StaticFiles feature on Windows platforms. When handling UNC paths such as \\attacker.com\share, the os.path.realpath function initiates an outbound SMB connection before rejecting the path, which can leak the service account's NTLMv2 credentials for offline cracking or relay attacks. This occurs in versions prior to 1.1.0 with the default follow_symlink=False setting. The vulnerability does not affect POSIX systems or deployments with follow_symlink=True. The issue is resolved in Starlette version 1.1.0.
Potential Impact
An attacker can cause the vulnerable Starlette server on Windows to make outbound SMB connections to attacker-controlled hosts, exposing the service account's NTLMv2 credentials. These credentials can then be captured for offline cracking or used in relay attacks. The HTTP response to the malicious request is a 404, but the credential exposure occurs nonetheless. This impacts confidentiality but does not affect integrity or availability directly.
Mitigation Recommendations
Upgrade Starlette to version 1.1.0 or later, where this SSRF vulnerability is fixed. If upgrading is not immediately possible, consider deploying on POSIX systems or configuring follow_symlink=True, as these configurations are not affected. Patch status is not explicitly stated in the vendor advisory, but the issue is fixed in version 1.1.0 according to the description.
CVE-2026-48818: CWE-918: Server-Side Request Forgery (SSRF) in Kludex starlette
Description
Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSRF. An UNC path such as \\attacker.com\share can cause os.path.realpath to initiate an outbound SMB connection before the path is rejected, exposing the service account’s NTLMv2 credentials for offline cracking or relay even though the HTTP response is only a 404. The issue affects default follow_symlink=False deployments, including frameworks built on Starlette such as FastAPI; POSIX systems and follow_symlink=True are unaffected. The issue is fixed in 1.1.0.
CVSS v3.1
Score 7.5high
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-48818 is a Server-Side Request Forgery vulnerability in the Starlette ASGI framework's StaticFiles feature on Windows platforms. When handling UNC paths such as \\attacker.com\share, the os.path.realpath function initiates an outbound SMB connection before rejecting the path, which can leak the service account's NTLMv2 credentials for offline cracking or relay attacks. This occurs in versions prior to 1.1.0 with the default follow_symlink=False setting. The vulnerability does not affect POSIX systems or deployments with follow_symlink=True. The issue is resolved in Starlette version 1.1.0.
Potential Impact
An attacker can cause the vulnerable Starlette server on Windows to make outbound SMB connections to attacker-controlled hosts, exposing the service account's NTLMv2 credentials. These credentials can then be captured for offline cracking or used in relay attacks. The HTTP response to the malicious request is a 404, but the credential exposure occurs nonetheless. This impacts confidentiality but does not affect integrity or availability directly.
Mitigation Recommendations
Upgrade Starlette to version 1.1.0 or later, where this SSRF vulnerability is fixed. If upgrading is not immediately possible, consider deploying on POSIX systems or configuring follow_symlink=True, as these configurations are not affected. Patch status is not explicitly stated in the vendor advisory, but the issue is fixed in version 1.1.0 according to the description.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-22T20:57:10.976Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a32e8dcf198dc38c1e3987f
Added to database: 6/17/2026, 6:35:08 PM
Last enriched: 6/17/2026, 6:50:16 PM
Last updated: 6/17/2026, 8:56:08 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.