Vulnerability in Yhirose Cpp-httplib

CVE-2026-22776

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service (DoS) vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies (Content-…

EPSS: 0.002 (39.8th percentile) — read the EPSS interpretation.

Affected products

Yhirose Cpp-httplib — versions < 0.30.1

Weakness classification (CWE)

CWE-409 — Improper Handling of Highly Compressed Data (Data Amplification)

References

https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-h934-98h4-j43q (x_refsource_CONFIRM)
https://github.com/yhirose/cpp-httplib/commit/2e2e47bab1ae6a853476eecbc4bf279dd1fef792 (x_refsource_MISC)