A heap over-read in Squid, dubbed Squidbleed (CVE-2026-47729), can leak another user's cleartext HTTP requests, including credentials or session tokens, to any trusted client already allowed to use the same proxy. The issue traces back to a 1997 FTP-parsing change, affects Squid's default configuration, and is fixed by a small parser guard or by disabling FTP entirely. #Squid #Squidbleed #CVE-2026-47729
Key points
- Squidbleed can expose cleartext HTTP requests from other proxy users.
- The flaw is tracked as CVE-2026-47729 in Squid.
- It comes from a long-standing FTP directory-listing parser bug.
- An attacker must already have access to the same proxy and control an FTP server.
- Fixes include applying the Squid patch or disabling FTP support.
Read More: https://thehackernews.com/2026/06/29-year-old-squid-proxy-bug-squidbleed.html