top of page
perceptive_background_267k.jpg

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.2, when a cpp-httplib client is configured with a proxy and set_…

Published:

15 March 2026 at 23:00:00

Alert date:

16 March 2026 at 16:21:26

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Supply Chain & Dependencies

CVE-2026-32627 affects cpp-httplib C++ HTTP/HTTPS library prior to version 0.37.2. When configured with proxy and redirect following enabled, the library silently disables TLS certificate and hostname verification on HTTPS redirects. This allows attackers to intercept connections with forged certificates, potentially capturing credentials and session tokens. The vulnerability requires specific configuration conditions including proxy usage and redirect following to be exploitable.

Technical details

Mitigation steps:

Affected products:

cpp-httplib

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-32627
https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-c3h8-fqq4-xm4g

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page