29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests

Home / Tech / 29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests

29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests

June 22, 2026 dirk 0 Comments 3 tags

29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests

A heap over-read in the Squid web proxy can leak another user’s cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy.

The bug traces to a 1997 FTP-parsing change and is still live in Squid’s default configuration. Researchers at Calif.io disclosed it in June and named it Squidbleed (

Source: The Hacker News

Explore More

Attack Update: Top 5 Attack-IPs auf doode.info – 18.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 74.7.227.2 — 1146 requests (recent log) 89.167.35.212 — 324 requests (recent log) 213.209.159.175 — 263 requests (recent

Attack Update: Top 5 Attack-IPs auf doode.info – 17.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 213.209.159.175 — 59 requests (recent log) 192.253.248.169 — 59 requests (recent log) 89.167.35.212 — 53 requests (recent

I admire Fabrice Bellard. He is almost certainly a better overall programmer

I admire Fabrice Bellard. He is almost certainly a better overall programmer Source: Hacker News