CVE-2026-31870
📋 TL;DR
This vulnerability allows any server that a cpp-httplib client connects to (including via redirects or man-in-the-middle attacks) to crash the client application by sending a malformed Content-Length header. The crash is immediate and requires no authentication or user interaction. Any application using vulnerable versions of cpp-httplib's streaming API is affected.
💻 Affected Systems
- cpp-httplib
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Client applications crash immediately and repeatedly when connecting to malicious servers, causing denial of service and potential data loss or service disruption.
Likely Case
Accidental malformed responses from legitimate servers or targeted attacks cause client application crashes and service interruptions.
If Mitigated
With proper input validation and exception handling, malformed headers are rejected gracefully without crashing.
🎯 Exploit Status
Exploitation is trivial - any HTTP server can send a malformed Content-Length header. The advisory includes proof-of-concept details.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.37.1
Vendor Advisory: https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-39q5-hh6x-jpxx
Restart Required: Yes
Instructions:
1. Update cpp-httplib to version 0.37.1 or later.
2. Recompile your application with the updated header.
3. Restart the application.
🔧 Temporary Workarounds
Input validation wrapper
Implement custom input validation for Content-Length headers before passing them to cpp-httplib
// C++ code to validate Content-Length before use:
#include <cctype>
#include <string>

bool isValidContentLength(const std::string& str) {
    if (str.empty()) return false;
    for (unsigned char c : str) {
        // Digits only: rejects signs, whitespace and hex prefixes that std::stoull would accept
        if (!std::isdigit(c)) return false;
    }
    try {
        // After the digit check the only remaining failure is std::out_of_range
        // (value too large for unsigned long long)
        (void)std::stoull(str);
        return true;
    } catch (...) {
        return false;
    }
}
🧯 If You Can't Patch
- Disable use of streaming API in cpp-httplib client code
- Implement network filtering to block or sanitize HTTP responses with malformed Content-Length headers
🔍 How to Verify
Check if Vulnerable:
Check if your application uses cpp-httplib version < 0.37.1 and uses streaming API calls (httplib::stream::Get, httplib::stream::Post, etc.)
Check Version:
Check the cpp-httplib.h header file for version information or check your package manager
Verify Fix Applied:
Verify cpp-httplib version is 0.37.1 or later and test with malformed Content-Length headers to ensure graceful handling
📡 Detection & Monitoring
Log Indicators:
- Application crashes with SIGABRT signals
- std::terminate() calls in crash dumps
- Unexpected process termination during HTTP communication
Network Indicators:
- HTTP responses with non-numeric Content-Length headers
- HTTP redirects to servers sending malformed headers
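The following C++ harness is an added example, not code from cpp-httplib or from the vendor advisory. It serves both the "test with malformed Content-Length headers" step under Verify Fix Applied and the Network Indicators above: it scans the header block of a raw HTTP response, finds the Content-Length field case-insensitively, and classifies its value as valid, empty, non-numeric, overflowing or missing, using a strict digits-only parser with an explicit overflow check instead of std::stoull. The function names, the status enum and the sample responses are the example's own assumptions (the responses are constructed, not captured traffic).

```cpp
// Added example: classify the Content-Length value of raw HTTP response
// headers so a test harness or response-inspecting proxy can flag malformed
// values instead of letting a client abort on them.
#include <cctype>
#include <cstdint>
#include <iostream>
#include <limits>
#include <string>
#include <utility>
#include <vector>

enum class ContentLengthStatus { Valid, Missing, Empty, NonNumeric, Overflow };

const char* statusName(ContentLengthStatus s) {
    switch (s) {
        case ContentLengthStatus::Valid:      return "valid";
        case ContentLengthStatus::Missing:    return "missing";
        case ContentLengthStatus::Empty:      return "empty";
        case ContentLengthStatus::NonNumeric: return "non-numeric";
        case ContentLengthStatus::Overflow:   return "overflow";
    }
    return "unknown";
}

// Strict check: 1*DIGIT and the value must fit in uint64_t. Unlike
// std::stoull, no sign, leading whitespace or base prefix is accepted.
ContentLengthStatus classifyContentLength(const std::string& value, uint64_t* out = nullptr) {
    if (value.empty()) return ContentLengthStatus::Empty;
    const uint64_t max = std::numeric_limits<uint64_t>::max();
    uint64_t acc = 0;
    for (unsigned char c : value) {
        if (!std::isdigit(c)) return ContentLengthStatus::NonNumeric;
        uint64_t d = c - '0';
        // acc * 10 + d would exceed max
        if (acc > (max - d) / 10) return ContentLengthStatus::Overflow;
        acc = acc * 10 + d;
    }
    if (out) *out = acc;
    return ContentLengthStatus::Valid;
}

// Trim optional whitespace (space / tab) around a header value.
static std::string trimOws(const std::string& s) {
    size_t b = 0, e = s.size();
    while (b < e && (s[b] == ' ' || s[b] == '\t')) ++b;
    while (e > b && (s[e - 1] == ' ' || s[e - 1] == '\t')) --e;
    return s.substr(b, e - b);
}

static bool iequals(const std::string& a, const std::string& b) {
    if (a.size() != b.size()) return false;
    for (size_t i = 0; i < a.size(); ++i)
        if (std::tolower((unsigned char)a[i]) != std::tolower((unsigned char)b[i])) return false;
    return true;
}

// Walk the CRLF-separated header block of a raw response; the first
// Content-Length field found is classified. Header names are case-insensitive.
ContentLengthStatus inspectResponseHeaders(const std::string& raw, uint64_t* out = nullptr) {
    size_t pos = 0;
    while (pos < raw.size()) {
        size_t eol = raw.find("\r\n", pos);
        if (eol == std::string::npos) eol = raw.size();
        std::string line = raw.substr(pos, eol - pos);
        if (line.empty()) break;  // blank line ends the header block
        size_t colon = line.find(':');
        if (colon != std::string::npos && iequals(line.substr(0, colon), "Content-Length"))
            return classifyContentLength(trimOws(line.substr(colon + 1)), out);
        pos = eol + 2;
    }
    return ContentLengthStatus::Missing;
}

// Parsed length for a valid header, or UINT64_MAX when it is not valid.
uint64_t parsedContentLength(const std::string& raw) {
    uint64_t len = 0;
    return inspectResponseHeaders(raw, &len) == ContentLengthStatus::Valid
               ? len : std::numeric_limits<uint64_t>::max();
}

int main() {
    // Constructed sample responses (not captured traffic).
    const std::vector<std::pair<std::string, std::string>> samples = {
        {"well-formed", "HTTP/1.1 200 OK\r\nContent-Length: 12\r\n\r\nhello world!"},
        {"non-numeric", "HTTP/1.1 200 OK\r\nContent-Length: abc\r\n\r\n"},
        {"signed",      "HTTP/1.1 200 OK\r\ncontent-length: -1\r\n\r\n"},
        {"overflow",    "HTTP/1.1 200 OK\r\nContent-Length: 99999999999999999999999\r\n\r\n"},
        {"empty",       "HTTP/1.1 200 OK\r\nContent-Length:\r\n\r\n"},
        {"missing",     "HTTP/1.1 200 OK\r\nTransfer-Encoding: chunked\r\n\r\n"},
    };
    for (const auto& s : samples) {
        uint64_t len = 0;
        ContentLengthStatus st = inspectResponseHeaders(s.second, &len);
        std::cout << s.first << ": " << statusName(st);
        if (st == ContentLengthStatus::Valid) std::cout << " (" << len << " bytes)";
        std::cout << "\n";
    }
    return 0;
}
```

Anything other than "valid" or "missing" is a response a pre-0.37.1 streaming client could not be trusted to survive, so a fixed build under test should handle each of those samples with an error return rather than a SIGABRT, and a proxy or IDS rule can use the same classification to raise the "non-numeric Content-Length" indicator.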
SIEM Query:
process_name:your_app AND (signal:SIGABRT OR exit_code:134) AND network_protocol:http