CVE-2025-53628

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: cpp-httplib versions prior to 0.20.1

Description: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Versions prior to 0.20.1 do not have a limit for a unique line, which allows an attacker to allocate memory arbitrarily. This issue is fixed in version 0.20.1.

Recommendations: Update cpp-httplib to version 0.20.1 or later.

Exploit

Fix

Infinite Loop

Allocation of Resources Without Limits

HTTP Request/Response Smuggling

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835CWE-770CWE-444

Related Identifiers

BDU:2026-00101

CVE-2025-53628

ECHO-AFA3-F31F-8C19

GHSA-J6P8-779X-P5PW

GHSA-QJMQ-H3CC-QV6W

OPENSUSE-SU-2026:20295-1

SUSE-SU-2026:20600-1

Affected Products

Debian

Cpp-Httplib

CVE-2025-53628

Weakness Enumeration

Related Identifiers

Affected Products

References · 23