CVE-2026-47729 is a 29‑year‑old memory‑disclosure bug in Squid that, until this spring, could silently exfiltrate plaintext HTTP requests — including credentials and session tokens — from proxies deployed in cleartext or TLS‑terminating setups.
How the bug works: an FTP parser that walks off the end of a string
The flaw, dubbed "Squidbleed" by researcher Lam Jun Rong, is rooted in Squid’s FTP directory‑listing parser. A commit from 1997 (bb97dd37a) intended to handle idiosyncratic NetWare FTP listings added this loop: while (strchr(w_space, *copyFrom)) ++copyFrom;.
Rong and Mythos Preview found that when an attacker‑controlled FTP server omitted a filename after the modification timestamp, copyFrom could point to the terminating NUL character. As Rong put it, "strchr treats that terminating NUL as part of the string it searches, so it returns a pointer instead of NULL, and the loop never stops." The code "walks off the end of the buffer, and xstrdup copies whatever follows back to the attacker as a filename," producing a heap overread that can leak whatever was in adjacent memory — often HTTP requests containing passwords or API keys.
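The mechanism described above can be reproduced in a few lines. The following is an added illustration, not Squid's code: the whitespace set w_space, the listing fragment and the bytes placed after its terminator are all constructed for the demo, and everything lives in one array so the "overread" stays inside an object this program owns. It shows the 1997 loop handing back bytes from beyond the end of the line, and the fixed loop (terminator check before strchr) stopping at the NUL.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Whitespace set consulted by the listing parser. Assumed for this demo;
 * Squid's own w_space definition is not reproduced here. */
static const char w_space[] = " \t\n\r";

/* The loop quoted in the article. When *p is the NUL terminator,
 * strchr(w_space, '\0') returns a pointer to w_space's own terminator
 * (non-NULL), so the loop steps past the end of the string. */
static const char *skip_ws_vulnerable(const char *p)
{
    while (strchr(w_space, *p))
        ++p;
    return p;
}

/* Fixed form: test for the terminator first, so strchr() is never asked
 * about '\0' and the loop cannot leave the string. */
static const char *skip_ws_fixed(const char *p)
{
    while (*p != '\0' && strchr(w_space, *p))
        ++p;
    return p;
}

/* Constructed memory region: a listing line whose filename is missing after
 * the timestamp ("12:34" plus trailing spaces), the NUL that ends the line,
 * and then unrelated bytes that merely sit next to it in memory (a stand-in
 * for a buffered HTTP request; the token value is made up). */
static const char region[] =
    "12:34   "                                              /* indexes 0..7 */
    "\0"                                                    /* index 8 */
    "GET /login?user=alice&token=CONSTRUCTED_SECRET HTTP/1.1";

/* Returns the pointer the parser would pass to xstrdup() as the filename,
 * starting just past the timestamp, using either version of the loop. */
const char *listing_name(bool fixed)
{
    const char *after_timestamp = region + 5;   /* first of the three spaces */
    return fixed ? skip_ws_fixed(after_timestamp)
                 : skip_ws_vulnerable(after_timestamp);
}

int main(void)
{
    /* Vulnerable loop: the "filename" is the adjacent request. */
    printf("vulnerable: \"%s\"\n", listing_name(false));
    /* Fixed loop: stops at the line's terminator, filename is empty. */
    printf("fixed:      \"%s\"\n", listing_name(true));
    return 0;
}
```

In a real process the bytes after the terminator are whatever the allocator placed there, which is why the leaked "filename" could contain a client's request; the fix makes the loop's exit depend on the line's own terminator rather than on the contents of the following memory.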
Why it persisted: a 1997 commit and legacy FTP support
The problematic commit dates to 1997 and was introduced to accommodate NetWare servers, which inserted extra whitespace between timestamps and filenames. NetWare is a discontinued network operating system whose FTP listings required special handling; the 1997 change explicitly skipped extra whitespace to restore compatibility.
That legacy support matters because Squid continues to implement FTP directory parsing. The issue only triggers under two conditions: the proxy must be able to inspect cleartext HTTP traffic (or be terminating TLS) and the proxy must be permitted to contact an attacker‑controlled FTP server over TCP port 21. In other words, the vulnerability combines an old code path with current deployment patterns that still allow FTP access.
Discovery, disclosure, and the fix
Calif.io researcher Lam Jun Rong says he first encountered a vulnerable Squid instance while trying to connect to the internet on a flight; the aircraft’s Squid instance was “released nearly 10 years ago and is affected by the vulnerability,” he wrote. Rong investigated the bug with help from Anthropic’s Claude Mythos Preview, reported it to Squid’s maintainers in April, and the issue was fixed in Squid v7.6, released June 8.
Rong described the patch succinctly: "The patch is simple: check for the null terminator before calling strchr." Squid maintainers implemented the correction and published the June release to address CVE‑2026‑47729.
What this means for technologists, enterprises, and end users
- Technologists and security teams: Audit Squid instances for version and configuration. If your proxies handle cleartext HTTP or terminate TLS, upgrade to Squid v7.6 (June 8 release) and apply the patch that checks for the null terminator before calling strchr.
- Affected enterprises and procurement leaders: Recognize that widely used infrastructure like Squid can carry decades‑old code paths with unexpected risk. Where FTP is not required, follow Rong’s advice to "disable FTP unless there’s a specific, unusual need for it" to eliminate the attack surface.
- End users and general IT operators: Be aware that HTTP requests passing through intermediaries can contain sensitive data. Chromium‑based browsers stopped supporting FTP years ago, and Rong notes that "most organizations running Squid are getting close to zero legitimate FTP traffic" — turning FTP off therefore removes the entire attack vector for many deployments.
Implications and a narrow, practical takeaway
Squidbleed is a reminder that a small parsing oversight inserted in 1997 can remain dormant for decades and be rediscovered by fresh tooling: Rong’s research involved an interaction with Anthropic’s Claude Mythos Preview, and his team reported the flaw to Squid maintainers in April. The vulnerability exemplifies how legacy protocol support — here, FTP — can open modern systems to exfiltration risks when proxies inspect traffic in cleartext or terminate TLS.
If you run Squid: download the June release that contains the fix, and if you have no compelling business need for FTP, disable it to "remove this entire attack surface for free," as Rong advises. For operators who cannot disable FTP, the explicit null‑terminator check applied in v7.6 is the immediate mitigation.