{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/squid--7.6/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":6.5,"id":"CVE-2026-47729"},{"cvss":5.5,"id":"CVE-2026-50012"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Squid (\u003c 7.6)","Squid (FTP gateway)"],"_cs_severities":["high"],"_cs_tags":["vulnerability","squid","proxy","data-confidentiality","network-device"],"_cs_type":"advisory","_cs_vendors":["Squid"],"content_html":"\u003cp\u003eOn June 23, 2026, the French National Agency for the Security of Information Systems (ANSSI) CERT-FR issued an advisory highlighting multiple vulnerabilities, identified as CVE-2026-47729 and CVE-2026-50012, in Squid proxy software. These vulnerabilities affect all Squid versions prior to 7.6. An unspecified attacker could exploit these flaws to achieve data confidentiality impairment and other undefined security problems. The presence of these vulnerabilities poses a significant risk to organizations using vulnerable Squid instances, as they could lead to unauthorized access to sensitive information flowing through the proxy or stored on the server. Defenders must prioritize patching to mitigate potential exploitation and safeguard network traffic integrity.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a publicly accessible Squid proxy server running a vulnerable version (prior to 7.6).\u003c/li\u003e\n\u003cli\u003eThe attacker crafts and sends a specially malformed HTTP request or a series of requests to the vulnerable Squid server, targeting either CVE-2026-47729 or CVE-2026-50012.\u003c/li\u003e\n\u003cli\u003eThe Squid proxy's vulnerable component processes the malicious request without proper validation or sanitization.\u003c/li\u003e\n\u003cli\u003eSuccessful exploitation of the vulnerability grants the attacker unauthorized access to internal data or network traffic handled by the proxy.\u003c/li\u003e\n\u003cli\u003eThis access leads to the impairment of data confidentiality, allowing the attacker to read or capture sensitive information.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages the compromised access to potentially exfiltrate sensitive data from the targeted network.\u003c/li\u003e\n\u003cli\u003eExploitation may also trigger other unspecified security issues within the Squid proxy environment, potentially leading to further compromise.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe identified vulnerabilities in Squid versions prior to 7.6 can lead to a significant compromise of data confidentiality. While the source does not specify victim counts or targeted sectors, any organization utilizing Squid as a proxy, especially for sensitive data transmission, is at risk. Successful exploitation could result in unauthorized access to internal network communications, user credentials, and other proprietary information. The \u0026quot;unspecified security problem\u0026quot; further indicates potential for broader adverse effects beyond just data leakage, such as service disruption or further network penetration. The absence of specific exploit details prevents a precise enumeration of consequences, but the general risk to data confidentiality is high.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately update all Squid proxy installations to version 7.6 or later, as recommended in the Squid security bulletins linked in this brief.\u003c/li\u003e\n\u003cli\u003eEnsure network segmentation and firewall rules are in place to restrict access to Squid proxy instances to only necessary sources, limiting the attack surface for CVE-2026-47729 and CVE-2026-50012.\u003c/li\u003e\n\u003cli\u003eDeploy the latest security patches for CVE-2026-47729 and CVE-2026-50012 by following the vendor's documentation at the provided GitHub advisory URLs.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-18T07:05:31Z","date_published":"2026-06-23T11:55:10Z","id":"https://feed.craftedsignal.io/briefs/2026-06-squid-vulnerabilities/","summary":"Multiple vulnerabilities, including CVE-2026-47729 and CVE-2026-50012, have been identified in Squid proxy versions prior to 7.6, allowing an attacker to compromise data confidentiality and cause other unspecified security issues.","title":"Multiple Vulnerabilities in Squid Proxy (CVE-2026-47729, CVE-2026-50012)","url":"https://feed.craftedsignal.io/briefs/2026-06-squid-vulnerabilities/"}],"language":"en","title":"CraftedSignal Threat Feed - Squid (\u003c 7.6)","version":"https://jsonfeed.org/version/1.1"}