CVE-2026-46527

A flaw was found in cpp-httplib, a C++ HTTP/HTTPS library. When a server using cpp-httplib has configured trusted proxies, a remote attacker can send a specially crafted HTTP request with a malformed X-Forwarded-For header. This can lead to undefined behavior, resulting in abnormal process...

EUVD-2026-33425

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process crash. The ChunkedDecoder::readpayload function in cpp-httplib httplib.h parses the chunk-size field o...

EUVD-2026-9496

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib httplib.h does not enforce Server::setpayloadmaxlength on the decompressed request body when using HandlerWithContentReader streaming ContentReader with Content-Encoding: gzip or other...

CVE-2026-22776 cpp-httplib vulnerable to a denial of service (DOS) using a zip bomb

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

OESA-2025-2854 cpp-httplib security update

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled...

AZL-61836 CVE-2025-47436 affecting package orc 0.4.39-2

Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory...

The vulnerability of the standard C++ library for Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the standard C++ library for Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

cpp-httplib 注入漏洞

cpp-httplib is an HTTP/HTTPS server and client library written in C++. A security vulnerability exists in cpp-httplib versions prior to 0.12.4 that stems from vulnerability to CRLF injection, which can lead to logic errors and other misbehavior...

Bento4 缓冲区错误漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 that stems from the presence of a heap-based buffer overflow problem...

Bento4 Post-Release Reuse Vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files. A resource management error vulnerability exists in the 'AP4Sample::GetOffset' function of the Core/Ap4Sample.h file in Bento4 version 1.5.1.0. The vulnerability stems from mismanagement of system resources e.g., memory, disk...