CVE-2026-33515
published 2026-03-26

Priority: P3, 39, medium
CVSS 3.1: 6.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
EPSS: 1.04% (59.7th percentile)

Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to an out-of-bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory, potentially containing sensitive information, when Squid responds with errors to invalid ICP requests. This attack is limited to Squid deployments that explicitly enable ICP support (i.e., configure a non-zero `icp_port`). This problem cannot be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.

Affected

4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 7.5-1 (forky) | squid 7.5-1 (forky) |
| msrc | azl3_squid_6.13-3_on_azure_linux_3.0 | | |
| squid-cache | squid | < 7.5 | 7.5 |
| squid | squid | >= 0 < 7.5-1 | 7.5-1 |

CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
| nvd | v4.0 | 6.9 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| osv | | 6.9 | MEDIUM | |
| vendor_debian | | 6.9 | MEDIUM | |
| vendor_redhat | | 6.9 | MEDIUM | |
| vendor_msrc | | 5.3 | MEDIUM | |