vulnerability
Ubuntu: USN-8435-1 (CVE-2026-47729): Squid vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jun 16, 2026 | Jun 17, 2026 | Jun 17, 2026 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jun 16, 2026
Added
Jun 17, 2026
Modified
Jun 17, 2026
Description
It was discovered that Squid incorrectly handled FTP gateway processing
under certain circumstances, which could result in an out-of-bounds read. A
remote attacker could use this issue to cause Squid to crash, resulting in
a denial of service, or possibly obtain sensitive information.
(CVE-2026-47729)
It was discovered that Squid incorrectly handled cache digest processing
under certain circumstances, which could result in a heap-based buffer
overflow. A remote attacker could use this issue to cause Squid to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2026-50012)
Solution
ubuntu-upgrade-squid
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.