Modern C++ Reading List 2026 -- the safety + security canon

This page is the curated, quarterly-refreshed reference for the modern + secure + safe-by-default C++ conversation as it stands in May 2026. The companion piece is the essay C++ Safety State of the Union: May 2026 — read that for narrative; come back here when you need to dig into a specific source.

Editorial bias: implementation-grade sources only. Committee papers, first-hand industry deployment reports, named expert bloggers. No hot-take aggregators.

The committee’s papers

WG21 publishes papers in monthly mailings; the May 2026 mailing dropped early this month (116 papers, pre-Brno). The papers below are the load-bearing ones for the safety story:

• P2900R14 Contracts (Berne, Doumler, Krzemienski et al.) — the C++26 contracts proposal as adopted. Four evaluation semantics, replaceable violation handler, per-TU granularity. Contested vote (114-12-3) at Croydon.
• P3471R4 Hardened standard library (Varlamov, Dionne) — the first standard library consumer of Contracts. Includes the Google deployment data (0.3% perf cost / 1000+ bugs).
• P2996R12 Reflection (Childers, Sutton, Revzin, Yang et al.) — the foundation for user-library safety patterns.
• P3970R0 Profiles and Safety: a call to action (Vandevoorde, Garland, McKenney, Orr, Stroustrup, Wong; Jan 2026) — the timeline-defending paper. Names three milestones to keep profiles on track for C++29.
• D3984R0 A type-safety profile (Stroustrup; Jan 2026) — the concrete proposal that sits on top of P3589R1 Profiles framework (Dos Reis).
• P5000R1 Direction for ISO C++29 (Vandevoorde, Garland, McKenney, Orr, Stroustrup, Wong; R0 Feb 2026, revised May 2026) — the formal direction-setting paper for the next standard. Safety is the named headline axis.
• P3543R0 Response to P3081 (Gill, Jabot, Lakos, Berne, Doumler) — the Bloomberg-led counter-paper that contributed to the C++26 profile deferral. Argues granularity, error reporting, and migration paths need rework.
• P3294 Token sequence injection (Revzin, Alexandrescu, Vandevoorde) — the C++29 candidate that wro.cpp’s “Where this is heading” triptych sections all gesture at. Re-revised in the May 2026 mailing.

The talks worth your hour

Five videos that frame the 2026 conversation:

• “Reflection Is Only Half the Story” — Barry Revzin, C++Now 2026 keynote (4 May, Aspen). The tour of source-code-generation design space across Rust, Swift, D. Video drops ~mid-June; until then the wro.cpp coverage at revzin-reflection-is-only-half is the best secondary.
• “Concept-based Generic Programming” — Bjarne Stroustrup, CppCon 2025 keynote (re-shared on isocpp.org May 2026). The mechanism C++ has had since C++20 for safe user-extension of the type system. Pair-reads well with the reflection arc.
• “C++: Growing in a world of competition, safety, and AI” — Herb Sutter, BeCPP Symposium 2026 (March 30, Howest). The SlashData developer-growth data + the regulatory-pressure framing in 60 minutes. Local coverage: cpp-fastest-growing-2025.
• “Making C++ Standard Parallelism Multidimensional” — Mark Hoemmen, C++Now 2026 (May 6). std::execution extended to multidimensional parallelism. Touches the simd-in-cpp-2026 toolset entry.
• “Benchmarking - It’s About Time” — Matt Godbolt, C++Now 2026 (May 8). Performance measurement done right. Touches the profiling-cpp-2026 toolset entry.

The industry deployment reports

What the people who ship C++ at scale actually wrote down:

• Chromium memory safety page — the canonical first-hand account. 70% of high-severity bugs are memory bugs; library hardening + LLVM plugins + presubmit checks + MiraclePtr; sandboxing economics.
• Google “Retrofits Spatial Memory Safety Onto C++” (The New Stack) — MiraclePtr cut use-after-free bugs by 57%. V8 heap sandbox beta. Project Naptime. The numbers the rest of the industry quotes.
• Android memory safety docs — > 60% of high-severity vulnerabilities are memory bugs; Android 12+ ships systematic mitigations; MTE adoption status.
• “How Google Is Improving C++ Memory Safety” — Chandler Carruth’s attribution of the LLVM-side tipping point to Apple’s libc++ safe-buffers work. The “we no longer have to make painful tradeoffs of performance or security” line.
• C++ Trends 2026 (Slackism) — the only single-page survey of the rollout state across vendors as of early 2026. Useful as an index even if you read it skeptically.

The blog posts

Named bloggers writing through 2026 — the ones who’ve earned the editorial trust to be worth your hour:

• “Legacy Safety: The Wroclaw C++ Meeting” (cor3ntin) — the best community-side write-up of how the committee worked through the profiles-vs-Safe-C++ question. The Wroclaw venue is why this reading list exists.
• “What reinterpret_cast doesn’t do” (Andreas Fertig, 2026-05-18). Plus the sibling std::launder post (2026-05-05) and the noexcept-move post (2026-05-20). The object-lifetime trilogy. Local coverage: fertig-reinterpret-cast.
• “Contracts in C++26. Four Practical Use Cases” (Andreas Müller, April 2026) — the most usable production playbook for P2900 contracts I’ve found.
• “Practical Security in Production” (ACM Queue) — the sanitizer-matrix mindset, fuzzing as invariant-oracle, contracts-as-fuzz-target.
• “Safe C++ proposal flames out” (InfoWorld) and “Safe C++ all but abandoned” (The Register) — the press coverage of the Hagenberg vote outcome. Useful for the external-narrative framing of the technical decision.

The wro.cpp coverage

Eight permanent reference pages that go deep where this reading list is index-shallow:

• hardened-stdlib — one CMake line + Google’s deployment data; covers what this reading list mentions as “P3471 in practice.”
• memory-safety-cpp26-and-beyond — the umbrella page; what shipped in C++26 vs what’s deferred to C++29; cross-cuts all sections above.
• sanitizers-2026 — ASan / UBSan / TSan / MSan / HWASan matrix; CI patterns; reflection-driven schema lint that catches what sanitizers can’t.
• lifetime-safety-2026 — [[clang::lifetimebound]] + -Wdangling-* + the lifetime profile + reflection-driven borrow lint.
• testing-for-safety-2026 — the four coverage levels (example / property / fuzz / differential); how contracts compose with fuzz targets.
• cpp-coding-standards — MISRA C++:2023 / SEI CERT C++ / JSF AV C++ side-by-side; reflection-driven rule bundles.
• qualified-compilers — ISO 26262 / IEC 61508 / DO-178C / IEC 62304 vendor matrix; TCL qualification kits.
• cpp-supply-chain-2026 — vcpkg / Conan / SBOM (CycloneDX) / CVE feeds; reflection-driven SBOM component manifest.

The regulatory references

The policy framing without which the technical conversation makes no sense:

• CISA Memory Safe Languages directive — the Jan 2026 deadline for manufacturer memory-safety roadmaps. The directive itself is short; the CISA + NSA + FBI joint guidance fills out the framing.
• EU Cyber Resilience Act (CRA) — comparable obligations for software placed on the EU market.
• “C++ creator calls for action to address ‘serious attacks’” (The Register, March 2025) — the public-facing report of Stroustrup’s “credible threat” framing.
• “C++ founder champions profiles for memory safety” (InfoWorld, March 2025) — the same framing with more committee-process detail.
• Stroustrup’s February 2025 note to WG21 — the primary source for the “unprecedented, serious attacks on C++” language. His full papers list at the same URL.

Reviewed: 2026-05-21. Quarterly refresh; next review 2026-08-21. Companion essay: C++ Safety State of the Union: May 2026.