Proxy

vulnerabilities 2026-06-29
Squidbleed: 29-Year-Old Heap Over-Read in Squid Proxy Leaks Cleartext HTTP Traffic (CVE-2026-47729)
A Heartbleed-style heap buffer over-read in Squid's FTP gateway, tracing to a 1997 commit, lets trusted proxy users drain other users' cleartext HTTP requests including credentials, cookies, and session tokens.
linux network-appliance zero-day information-disclosure proxy

Squidbleed: 29-Year-Old Heap Over-Read in Squid Proxy Leaks Cleartext HTTP Traffic (CVE-2026-47729)