PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-50012 squid-cache CVE debrief

CVE-2026-50012 is a heap-based buffer overflow vulnerability in Squid, a caching proxy for the Web. The vulnerability exists in the cache digest reply handling, specifically in the peerDigestSwapInMask function in src/peer_digest.cc. This function improperly validates input, allowing a trusted peer to send a maliciously crafted reply to a cache_digest request message, which can trigger the overflow. The attack is limited to Squid instances compiled with the --enable-cache-digests option and configured with cache_peer entries. The issue is fixed in version 7.6. Users of Squid should review their configurations and update to version 7.6 or apply patches as available.

Vendor
squid-cache
Product
squid
CVSS
MEDIUM 5.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-16
Original CVE updated
2026-07-16
Advisory published
2026-07-16
Advisory updated
2026-07-16

Who should care

Users of Squid, particularly those who have compiled it with the --enable-cache-digests option and configured it with cache_peer entries, should be aware of this vulnerability and take steps to mitigate it. This includes updating to version 7.6 or applying patches as available. Additionally, operators of Squid instances should review their configurations to ensure they are not exposed to this vulnerability.

Technical summary

The vulnerability is caused by an improper input validation bug in the peerDigestSwapInMask function in src/peer_digest.cc. This function handles cache digest replies and can be triggered by a trusted peer sending a maliciously crafted reply to a cache_digest request message. The overflow can lead to potential code execution or denial of service. The attack surface is limited to Squid instances compiled with the --enable-cache-digests option and configured with cache_peer entries. Users should review their configurations to ensure they are not exposed. The fix in version 7.6 addresses this issue by properly validating cache digest replies.

Defensive priority

High

Recommended defensive actions

  • Update Squid to version 7.6 or later
  • Disable cache digests if not required
  • Restrict access to cache_peer entries
  • Monitor for suspicious cache digest activity
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record was published on 2026-07-16T17:16:57.493Z and last modified on 2026-07-16T17:36:21.340Z. The NVD entry is currently Undergoing Analysis. The vulnerability has a CVSS score of 5.5 and a severity of MEDIUM. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity with the vendor. The CVE record and NVD entry provide the most current information.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-16T17:16:57.493Z and has not been modified since then. The NVD entry is currently Undergoing Analysis.