Security researchers at Calif.io have disclosed a memory disclosure vulnerability in Squid Proxy that has existed in the software since 1997.
Squid is a widely used open-source web proxy that can reduce bandwidth and improve response times via caching. Squid supports HTTP, HTTPS, FTP, and other protocols.
Calif researchers discovered that Squid is affected by a vulnerability that is similar to the notorious OpenSSL vulnerability known as Heartbleed, which is why they have dubbed it Squidbleed.
Officially tracked as CVE-2026-47729, the vulnerability causes Squid’s FTP parser to read beyond the boundary of a memory buffer, into a region that may contain a previous user’s uncleared HTTP request data.
Exploitation requires the attacker to control an FTP server reachable from the proxy. Squidbleed poses the biggest risk in shared proxy environments, such as corporate networks, schools, and public Wi-Fi hotspots, where multiple users may route traffic via the same Squid instance.








