Advanced Threat Data Export

Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.

Vulnerability Keyword

Date Range

Severity

Format

Upgrade Package

Data export is locked. Upgrade your package to enable filtering and downloading.

← Back to CVE List

CVE-2026-33515NVD

Description

Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding with errors to invalid ICP requests. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem cannot be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch.

Severity Level

UNKNOWN

Published Date

26/03/2026

Last Modified

26/03/2026

Exploitation Status

UNKNOWN

References

https://github.com/squid-cache/squid/security/advisories/GHSA-84p4-hcx7-jj7c
https://github.com/squid-cache/squid/pull/2220
https://github.com/squid-cache/squid/pull/2220#discussion_r2727683637
https://github.com/squid-cache/squid/commit/8138e909d2058d4401e0ad49b583afaec912b165