'Squidbleed' Vulnerability Exposed: 29-Year-Old Squid Proxy Flaw Leaks Plaintext HTTP Requests
A 29-year-old security vulnerability, CVE-2026-47729, dubbed 'Squidbleed,' has been disclosed in the widely used Squid web proxy server. The flaw allows an authorized proxy user to extract fragments of other users' plaintext HTTP requests, potentially exposing credentials and session tokens. The discovering researcher credited Anthropic's Claude Mythos Preview AI model as instrumental in the find.

Highlights
- CVE-2026-47729, dubbed 'Squidbleed,' is a 29-year-old vulnerability in the Squid open-source web proxy server dating back to approximately 1996.
- The flaw allows an already-authorized proxy user to extract plaintext HTTP request fragments from other users, including credentials and session tokens.
- Squid describes the attack vector as originating from a 'trusted client,' posing the greatest risk in multi-user enterprise, academic, and ISP proxy environments.
- Anthropic's Claude Mythos Preview AI model was credited by the discovering researcher as instrumental in identifying the vulnerability.
- Squid administrators are urged to monitor official security advisories and apply patches immediately to reduce exposure.
A security vulnerability lurking for approximately 29 years has been disclosed in the widely deployed Squid web proxy server software. Tracked as CVE-2026-47729 and dubbed 'Squidbleed' by researchers — a name deliberately evoking the infamous Heartbleed vulnerability — the flaw has drawn significant attention from the cybersecurity community.
Vulnerability Overview
According to reporting by The Hacker News, the vulnerability allows a user who has already been granted authorized access to a proxy server to extract fragments of other users' plaintext HTTP requests. Information potentially exposed includes:
- Usernames and passwords (credentials)
- Session tokens
- Other sensitive HTTP request content
The Squid project characterizes the issue as an attack originating from a "trusted client" — meaning the attacker is not an arbitrary host on the internet, but rather an internal user already permitted to use the proxy. This makes the vulnerability particularly relevant to corporate network environments where multiple users share a common proxy server.
AI-Assisted Discovery
Notably, the security researcher who reported the vulnerability highlighted that Anthropic's Claude Mythos Preview large language model played a significant role in the discovery process. The disclosure serves as another data point illustrating the growing practical value of AI tools in modern security research.
Scope and Impact
Squid is open-source web proxy and caching software widely deployed across enterprise networks, academic institutions, and ISP (Internet Service Provider) infrastructure worldwide. The fact that this flaw has reportedly existed since approximately 1996 has alarmed the security community.
Squid administrators are strongly advised to monitor official security advisories and apply available patches promptly to mitigate risk.
Sources: Slashdot, The Hacker News


