Techzine Europe

Vulnerability in open-source component puts AI platforms at risk

A serious security vulnerability in a widely used open-source Python component could put a large number of AI agents ...
InfoWorld

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...
51CTO

还在用WebSocket做LLM流式传输?FastAPI + SSE让你少踩一半坑

如果你正在用WebSocket给LLM应用做token流式传输,上面这些坑你大概率踩过。WebSocket确实能干活,但它带来的麻烦也不少:连接 ...

数百万AI Agent受开源软件包严重漏洞威胁:BadHost漏洞可致服务器入侵

安全研究人员警告称,全球数百万个AI Agent和工具正受到一个严重漏洞的威胁,该漏洞可能允许黑客入侵运行它们的服务器,并窃取敏感数据和第三方账户凭证。该漏洞存在于Starlette中,这是一个开源框架,其开发者称每周的下载量为3.25亿次。数千个其他开源项目也存在漏洞,因为它们需要Starlette才能工作。该框架是异步服务器网关接口(Asynchronous Server Gateway In ...
GitHub

ID-based RAG FastAPI

This project integrates Langchain with FastAPI in an Asynchronous, Scalable manner, providing a framework for document indexing and retrieval, using PostgreSQL/pgvector. Files are organized into ...
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

Vibe Coding Cheat Sheet: Tools, Prompts, Security Tips, and More

This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and ...
TheServerSide

OpenAPI, Swagger and Python

The OpenAPI specification, and the Swagger suite of tools built around it, make it incredibly easy for Python developers to create, document and manually test the RESTful APIs they create. Regardless ...