CVE-2025-66577 | yhirose cpp-httplib up to 0.26.x Header get_client_ip X-Forwarded-For neutralization for logs (GHSA-gfpf-r66f-5mh2)

A vulnerability was found in yhirose cpp-httplib up to 0.26.x. It has been declared as problematic. The impacted element is the function get_client_ip of the component Header Handler. Such manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs.

This vulnerability is referenced as CVE-2025-66577. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More