Out-of-bounds Read in Squid-cache Squid
CVE-2026-33515
Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to an out-of-bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory pot…
Vulnerability class: Buffer Overflow
EPSS: 0.000 (13.8th percentile)
Affected products
- Squid-cache Squid — versions < 7.5
Weakness classification (CWE)
References
- https://github.com/squid-cache/squid/security/advisories/GHSA-84p4-hcx7-jj7c (x_refsource_CONFIRM)
- https://github.com/squid-cache/squid/pull/2220 (x_refsource_MISC)
- https://github.com/squid-cache/squid/pull/2220#discussion_r2727683637 (x_refsource_MISC)
- https://github.com/squid-cache/squid/commit/8138e909d2058d4401e0ad49b583afaec912b165 (x_refsource_MISC)