Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
AC:H reflects the required MITM position and non-default backend/IP-literal preconditions; PR:N/UI:N as attacker needs no auth or victim action; C:H/I:H for read-and-modify, A:N.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In affected Mbed TLS backend versions from 0.31.0 through 0.46.1 and wolfSSL backend versions from 0.33.0 through 0.46.1, when cpp-httplib is built with CPPHTTPLIB_MBEDTLS_SUPPORT or CPPHTTPLIB_WOLFSSL_SUPPORT and a client connects to an IP-literal host with server certificate verification enabled, SSLClient and Client in HTTPS mode skip certificate chain validation and WebSocketClient on the Mbed TLS backend skips verification altogether, allowing a man-in-the-middle attacker positioned to intercept traffic to present a crafted certificate and read or modify the traffic. This issue is fixed in version 0.47.0.
AnalysisAI
TLS certificate validation bypass in cpp-httplib's Mbed TLS backend (0.31.0-0.46.1) and wolfSSL backend (0.33.0-0.46.1) lets a man-in-the-middle attacker defeat HTTPS/WSS protection when a client connects to an IP-literal host with verification nominally enabled. SSLClient/Client in HTTPS mode skip certificate chain validation and the WebSocketClient on Mbed TLS skips verification entirely, so an intercepting attacker can present a crafted certificate and read or alter traffic. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires all of the following concrete conditions: the target application must be compiled with CPPHTTPLIB_MBEDTLS_SUPPORT (Mbed TLS backend, versions 0.31.0-0.46.1) or CPPHTTPLIB_WOLFSSL_SUPPORT (wolfSSL backend, versions 0.33.0-0.46.1); the client (SSLClient/Client in HTTPS mode, or WebSocketClient on Mbed TLS) must connect to an IP-literal host rather than a DNS hostname; server certificate verification must be enabled (the bug is that it is silently skipped anyway); and the attacker must occupy a man-in-the-middle position able to intercept and relay the victim's traffic. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The supplied CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N, base 7.4 High) is internally consistent with a MITM certificate-validation bypass: no authentication or user interaction is required, but AC:H correctly reflects the precondition that the attacker must already hold a privileged network position to intercept traffic. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who can position themselves on the network path (rogue Wi-Fi, ARP/DNS spoofing, or a compromised upstream hop) waits for a cpp-httplib client built with the Mbed TLS or wolfSSL backend to make an HTTPS or WebSocket connection to a server addressed by IP literal. The attacker terminates the TLS session with a self-signed or otherwise untrusted certificate, which the client accepts without chain validation, letting the attacker transparently read and modify API credentials, tokens, or payloads. … |
| Remediation | Vendor-released patch: upgrade the bundled cpp-httplib header to version 0.47.0 or later (https://github.com/yhirose/cpp-httplib/releases/tag/v0.47.0), which corresponds to fix commit fa981cedae004ea9d946f1392b9dec22fac6fee6; because cpp-httplib is header-only, downstream projects must rebuild after replacing the header rather than relying on a shared-library update. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all internal and third-party applications using cpp-httplib 0.31.0-0.46.1 (Mbed TLS backend) or 0.33.0-0.46.1 (wolfSSL backend); flag as high-priority risk. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Cpp Httplib
View allcpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allow
CVE-2025-53628 is a memory exhaustion vulnerability in cpp-httplib versions prior to 0.20.1 that allows unauthenticated
cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Rated high severity (CVSS 7.5), this vulnerabilit
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http head
CVE-2025-53629 is a Denial of Service vulnerability in cpp-httplib versions prior to 0.23.0 that allows unauthenticated
cpp-httplib versions prior to 0.30.1 are vulnerable to denial of service attacks due to insufficient validation of decom
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. [CVSS 7.5 HIGH]
Cpp-Httplib versions up to 0.30.0 contains a vulnerability that allows attackers to add extra headers, modify request bo
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, whic
Remote denial of service in cpp-httplib prior to version 0.37.0 allows unauthenticated attackers to crash server process
A security vulnerability in cpp-httplib (CVSS 5.3) that allows attacker-controlled http headers. Risk factors: public Po
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. [CVSS 5.3 MEDIUM]
Same weakness CWE-295 – Improper Certificate Validation
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42942