Vulnerability in Yhirose Cpp-httplib
CVE-2026-54919
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In affected Mbed TLS backend versions from 0.31.0 through 0.46.1 and wolfSSL backend versions from 0.33.0 through 0.46.1, when cpp-httplib is built with CPPH…
Vulnerability class: Improper Certificate Validation
CVSS v3 metric
CVSS v3 base score 7.4 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N.
Affected products
- Yhirose Cpp-httplib — versions >= 0.31.0, < 0.47.0
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
- security-advisories@github.com (x_refsource_MISC)
Frequently asked questions
- What is CVE-2026-54919?
- CVE-2026-54919 is a high-severity vulnerability in Yhirose Cpp-httplib, classified under Improper Certificate Validation. CVSS score: 7.4/10. Published 2026-07-10.
- How severe is CVE-2026-54919?
- High severity. CVSS v3 base score is 7.4 out of 10.