Researchers disclosed Squidbleed on June 23, a heap buffer overread in the Squid caching proxy that traces back to a commit dated January 18, 1997. The flaw lives in Squid's FTP directory listing parser: a malformed listing causes Squid to read past a heap-allocated buffer and return that stale data to the client, which can include another user's HTTP request, authorization headers or API keys. The bug is tracked as CVE-2026-47729 and a patch was merged into Squid 8 in April and backported to 7.6 in June.

What makes Squidbleed notable is how it was found. The disclosing team credits Anthropic's Claude Mythos Preview — the partner-only model that has been auditing systemically important software under Project Glasswing — with spotting the unsafe `strchr` quirk inside the FTP parser almost immediately. Human reviewers then confirmed the heap layout, produced a proof-of-concept and coordinated the fix. The 29-year shelf life is the point: this is the kind of subtle, single-function bug in widely deployed C code that has historically resisted both fuzzers and human audits, and an LLM agent was the first reader to flag it.

Squid runs in a lot of places its operators no longer think about: corporate egress proxies, school networks, libraries, cafe and conference Wi-Fi. The risk is highest exactly where many users share one Squid instance, because that is where the leaked bytes belong to someone else. Squidbleed lands in the same week Five Eyes cyber agencies jointly warned about frontier-AI-driven attack timelines and OpenAI shipped GPT-5.5-Cyber under its Daybreak program. Two months after Project Glasswing began, the score for AI-assisted bug discovery on critical open-source infrastructure is now in the thousands.

A takeaway for learners: if you are studying security or software engineering, the path forward is not picking a side between manual review and AI tooling — it is learning to pair them. The pattern that found Squidbleed (LLM flags the suspicious line, human builds the heap-layout reasoning and the proof-of-concept) is going to be the default for vulnerability research within a year. Get fluent in both halves now.