EXECUTIVE SUMMARY:
Multiple security vulnerabilities have been identified in the Squid proxy server, particularly affecting version 7.6 and earlier releases. The flaws include out‑of‑bounds reads, heap‑based buffer overflows, and data‑leakage paths that can be triggered through the FTP gateway and cache‑digest components. Exploitation may allow an attacker to read confidential transaction data from other sessions or, in the worst case, execute arbitrary code on the proxy host. Because Squid is commonly deployed at the network edge to accelerate web traffic, a successful compromise could disrupt service availability, expose sensitive client information, and undermine trust in the organization’s web infrastructure.
Overall, these vulnerabilities pose a high risk to organizations that rely on Squid for web acceleration, especially those running the affected versions with cache‑digest support. If exploited, attackers could steal confidential data or gain control of the proxy, leading to service disruption, data breach, and reputational damage. Prompt attention to these issues is essential to protect critical network services.
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://securityonline.info/squid-proxy-vulnerabilities-patched/