PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-32748 Squid Cache CVE debrief

CVE-2026-32748 is a high-severity vulnerability in Squid, a caching proxy for the Web. The vulnerability is caused by premature release of resource during expected lifetime and heap Use-After-Free bugs. This allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. The attack is limited to Squid deployments that explicitly enable ICP support. This problem cannot be mitigated by denying ICP queries using icp_access rules. The bug is fixed in Squid version 7.5.

Vendor
Squid Cache
Product
Squid
CVSS
HIGH 8.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-03-26
Original CVE updated
2026-06-30
Advisory published
2026-03-26
Advisory updated
2026-06-30

Who should care

Organizations using Squid for caching and content filtering should prioritize patching this vulnerability. The vulnerability's high CVSS score of 8.7 indicates a significant risk of Denial of Service attacks. ICP support must be explicitly enabled for the vulnerability to be exploitable.

Technical summary

The vulnerability in Squid arises from two primary issues: premature release of resources during their expected lifetime and heap Use-After-Free bugs. These issues are particularly problematic when handling ICP (Internet Cache Protocol) traffic. An attacker can exploit these vulnerabilities to launch a Denial of Service attack against Squid services that have ICP support enabled. The vulnerability is addressed in Squid version 7.5, which fixes the mentioned bugs.

Defensive priority

Patching this vulnerability should be a high priority for organizations using affected versions of Squid. Given the high severity and the potential for reliable Denial of Service attacks, defenders should act quickly to update Squid to version 7.5 or apply other mitigations as recommended by the vendor.

Recommended defensive actions

  • Patch Squid to version 7.5 or later.
  • Disable ICP support if not required.
  • Review and update ICP access controls.
  • Monitor Squid services for unusual activity.
  • Implement additional security measures to protect against Denial of Service attacks.

Evidence notes

The CVE record and NVD detail provide comprehensive information about the vulnerability, including its description, CVSS score, and affected versions. Vendor references and advisories offer guidance on patching and mitigation strategies.

Official resources

This article is AI-assisted and based on the supplied source corpus.