CVE-2026-31870
Status: Received - Intake
Unhandled Exception in cpp-httplib Streaming API Causes Client Crash

Publication date: 2026-03-11

Last updated on: 2026-03-18

Assigner: GitHub, Inc.

Description
cpp-httplib is a C++11 single-file header-only cross-platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API (httplib::stream::Get, httplib::stream::Post, etc.), the library calls std::stoull() directly on the Content-Length header value received from the server with no input validation and no exception handling. std::stoull throws std::invalid_argument for non-numeric strings and std::out_of_range for values exceeding ULLONG_MAX. Since nothing catches these exceptions, the C++ runtime calls std::terminate(), which kills the process with SIGABRT. Any server the client connects to (including servers reached via HTTP redirects, third-party APIs, or man-in-the-middle positions) can crash the client application with a single HTTP response. No authentication is required. No interaction from the end user is required. The crash is deterministic and immediate. This vulnerability is fixed in 0.37.1.
Meta Information
Generated: 2026-05-06
AI Q&A: 2026-03-11
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: yhirose
Product: cpp-httplib
Version / Range: prior to 0.37.1 (0.37.1 excluded)
CWE
CWE-248: An exception is thrown from a function, but it is not caught.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-31870 is a high-severity vulnerability in the cpp-httplib C++ library, specifically affecting versions prior to 0.37.1 when using its streaming API (such as httplib::stream::Get or Post). The vulnerability occurs because the library calls std::stoull() directly on the Content-Length header value received from an HTTP response without validating the input or handling exceptions.

If the Content-Length header contains a non-numeric string or an excessively large number, std::stoull() throws exceptions (std::invalid_argument or std::out_of_range) that are not caught. This causes the C++ runtime to call std::terminate(), which immediately aborts the process with a SIGABRT signal, crashing the client application.

This crash can be triggered by any server the client connects to, including those reached via HTTP redirects or man-in-the-middle attacks, without requiring authentication or user interaction. The vulnerability is fixed in version 0.37.1.


How can this vulnerability impact me?

This vulnerability can cause a remote denial of service (DoS) by crashing any application using the cpp-httplib streaming API when it receives a malicious HTTP response with a malformed Content-Length header.

  • The crash is immediate and deterministic, leading to process termination.
  • No authentication or user interaction is required to trigger the crash.
  • Applications fetching data from user-supplied URLs, third-party APIs, or following HTTP redirects are vulnerable.
  • On systems without automatic process restart, this can cause permanent denial of service.
  • Repeated exploitation can keep the affected service down, impacting availability.

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability causes the cpp-httplib client application to crash immediately when it receives an HTTP response with a malformed Content-Length header while using the streaming API. Detection can be done by monitoring for unexpected process terminations or crashes (SIGABRT) of applications using the cpp-httplib streaming API.

Since the crash is triggered by malformed Content-Length headers, network detection can involve capturing HTTP responses and inspecting the Content-Length header for non-numeric or excessively large values.

Suggested commands to detect potential exploitation or vulnerability presence include:

  • Monitor application logs or system logs for crashes or SIGABRT signals related to the cpp-httplib client process.
  • Use network packet capture tools like tcpdump or Wireshark to filter HTTP responses and check Content-Length headers. For example, using tcpdump:

    tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep -i 'Content-Length'

  • Manually inspect captured HTTP responses for malformed Content-Length headers such as non-numeric strings or extremely large numbers. [1]


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation is to upgrade the cpp-httplib library to version 0.37.1 or later, where the vulnerability is fixed by adding proper input validation and exception handling around the Content-Length header parsing in the streaming API.

If upgrading is not immediately possible, as a temporary workaround, applications using the streaming API should wrap calls to the streaming functions (e.g., httplib::stream::Get, Post, etc.) in try/catch blocks to handle exceptions from std::stoull and prevent process termination.

Additionally, consider monitoring and filtering HTTP responses from untrusted or suspicious servers to block responses with malformed Content-Length headers.

In summary, the immediate steps are:

  • Upgrade cpp-httplib to version 0.37.1 or later.
  • Implement try/catch exception handling around streaming API calls if upgrading is not feasible.
  • Monitor and filter HTTP responses to detect and block malformed Content-Length headers.
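The description explains the failure (std::stoull() applied to an unvalidated Content-Length value, with nothing catching what it throws), and the mitigation section recommends try/catch around the streaming calls as a stopgap. The following C++ block is an added example, not code from the advisory, from cpp-httplib, or from the 0.37.1 fix: it shows the pre-fix pattern as the description states it, a strict digit-only Content-Length parser with an arithmetic overflow check, and the catch-based workaround. The function names and the sample header values are this example's own constructions.

```cpp
#include <cstdint>
#include <iostream>
#include <limits>
#include <stdexcept>
#include <string>
#include <vector>

// Pre-fix pattern as the advisory describes it: the raw header value goes
// straight into std::stoull(). Non-numeric input throws
// std::invalid_argument, values above ULLONG_MAX throw std::out_of_range,
// and with nothing catching them the runtime calls std::terminate().
unsigned long long parse_content_length_unchecked(const std::string& value) {
    return std::stoull(value);
}

// Hardened parser (hypothetical name, not the library's own fix). It accepts
// only the grammar RFC 9110 allows for Content-Length (1*DIGIT): no empty
// string, no sign, no whitespace, no trailing characters, and it detects
// overflow arithmetically instead of waiting for an exception. Returns false
// on malformed input so the caller can reject the response rather than crash.
bool parse_content_length(const std::string& value, std::uint64_t& out) {
    if (value.empty()) return false;
    const std::uint64_t max = std::numeric_limits<std::uint64_t>::max();
    std::uint64_t result = 0;
    for (char c : value) {
        if (c < '0' || c > '9') return false;
        const std::uint64_t digit = static_cast<std::uint64_t>(c - '0');
        // result * 10 + digit would exceed max: reject before overflowing.
        if (result > (max - digit) / 10) return false;
        result = result * 10 + digit;
    }
    out = result;
    return true;
}

// Temporary workaround from the mitigation section: when the library can't
// be upgraded yet, keep std::stoull's exceptions from reaching
// std::terminate(). This only prevents the crash; it still accepts whatever
// std::stoull accepts (leading whitespace, a sign, trailing characters).
bool try_parse_with_stoull(const std::string& value, std::uint64_t& out) {
    try {
        out = static_cast<std::uint64_t>(std::stoull(value));
        return true;
    } catch (const std::invalid_argument&) {
        return false;  // no digits at all in the header value
    } catch (const std::out_of_range&) {
        return false;  // value exceeds ULLONG_MAX
    }
}

int main() {
    // Constructed sample Content-Length values (not captured traffic).
    const std::vector<std::string> samples = {
        "1234", "", "abc", "-1", " 42", "42abc",
        "18446744073709551615", "18446744073709551616"};
    for (const std::string& s : samples) {
        std::uint64_t strict = 0, lenient = 0;
        const bool strict_ok = parse_content_length(s, strict);
        const bool lenient_ok = try_parse_with_stoull(s, lenient);
        std::cout << "\"" << s << "\": strict="
                  << (strict_ok ? std::to_string(strict) : "reject")
                  << " stoull+catch="
                  << (lenient_ok ? std::to_string(lenient) : "reject")
                  << '\n';
    }
    // The unchecked variant is only safe to call on well-formed input.
    std::cout << "unchecked(\"1234\")=" << parse_content_length_unchecked("1234") << '\n';
    return 0;
}
```

The try/catch wrapper is enough to stop the process from aborting, which is all the workaround promises, but it is not a validator: std::stoull skips leading whitespace, stops at the first non-digit, and passes a leading minus sign through to std::strtoull, which negates the value instead of failing, so "-1" comes back as ULLONG_MAX with no exception. The digit-only parser rejects all of those, which is why the sample run prints "reject" for them in the strict column while the stoull column accepts several of them.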
