Description
Squid is a caching proxy for the Web. Prior to 7.6, due to an improper input validation bug in cache digest reply handling (peerDigestSwapInMask in src/peer_digest.cc), Squid is vulnerable to a heap-based buffer overflow: a cache digest's on-the-wire size may be larger than the mask_size declared within the digest, so a trusted peer sending a maliciously crafted reply to a cache_digest request message can trigger the overflow. This attack is limited to Squid instances compiled with the --enable-cache-digests option and configured with cache_peer entries. This issue is fixed in version 7.6.
Published: 2026-07-16
Score: 5.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A heap‑based buffer overflow in the cache_digest reply handling of Squid can be triggered by a trusted server that sends specially crafted replies. The flaw stems from improper input validation when processing cache digest messages. Exploitation results in a denial of service, terminating or crashing the Squid process for the victim server.

Affected Systems

The vulnerability affects the Squid caching proxy server. No specific Squid version numbers are listed, so any installation running an unpatched version of Squid that processes cache_digest replies is potentially exposed.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity. EPSS is not available and the issue is not in CISA KEV, suggesting limited evidence of exploitation in the wild. The attacker must be a trusted server within the network, able to send crafted cache_digest replies to the vulnerable Squid instance. Successful exploitation would be internal or hybrid, causing a service disruption of the proxy.

Generated by OpenCVE AI on June 26, 2026 at 01:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to the latest Squid release, which patches the cache_digest input validation flaw.
  • If an immediate patch is unavailable, disable the cache_digest feature or configure Squid to reject cache digest replies from untrusted sources.
  • Segregate or restrict network traffic so that only authorized servers can communicate with Squid, and employ ACLs or firewall rules to limit the scope of trust.

Generated by OpenCVE AI on June 26, 2026 at 01:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6360-1 squid security update
History

Thu, 16 Jul 2026 16:30:00 +0000

Type Values Removed Values Added
Description A flaw was found in Squid. Due to improper input validation, a heap-based buffer overflow can occur when processing cache digests. This issue allows a trusted server to cause a denial of service when sending specially crafted replies to cache_digest request messages. Squid is a caching proxy for the Web. Prior to 7.6, due to an improper input validation bug in cache digest reply handling (peerDigestSwapInMask in src/peer_digest.cc), Squid is vulnerable to a heap-based buffer overflow: a cache digest's on-the-wire size may be larger than the mask_size declared within the digest, so a trusted peer sending a maliciously crafted reply to a cache_digest request message can trigger the overflow. This attack is limited to Squid instances compiled with the --enable-cache-digests option and configured with cache_peer entries. This issue is fixed in version 7.6.
Title squid: memory corruption in cache_digest reply handling Squid: Memory corruption in cache_digest reply handling
Weaknesses CWE-20
References

Fri, 26 Jun 2026 05:30:00 +0000

Type Values Removed Values Added
First Time appeared Squid-cache
Squid-cache squid
Vendors & Products Squid-cache
Squid-cache squid

Fri, 26 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Description A flaw was found in Squid. Due to improper input validation, a heap-based buffer overflow can occur when processing cache digests. This issue allows a trusted server to cause a denial of service when sending specially crafted replies to cache_digest request messages.
Title squid: memory corruption in cache_digest reply handling
Weaknesses CWE-122
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H'}

threat_severity

Moderate


Subscriptions

Squid-cache Squid
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-07-16T16:11:34.488Z

Reserved: 2026-06-02T22:46:02.579Z

Link: CVE-2026-50012

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-23T00:00:00Z

Links: CVE-2026-50012 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T05:15:16Z

Weaknesses
  • CWE-122

    Heap-based Buffer Overflow

  • CWE-20

    Improper Input Validation