A significant vulnerability in the widely used Squid web proxy, nicknamed "Squidbleed," can leak fragments of users' cleartext HTTP traffic to other authorized users on the same proxy. The flaw, officially tracked as CVE-2026-47729, is a memory disclosure bug that traces its origin to a code change made in 1997.