🟠 High | Source: Microsoft Security Response Center
CVE-2026-50012 is a memory corruption vulnerability in Squid, a widely used open-source web proxy cache, specifically affecting how it processes cache digest replies. Memory corruption flaws of this nature can potentially be exploited to crash the service or, in more severe cases, execute arbitrary code. This advisory has been published by Microsoft, suggesting relevance to Azure environments where Squid may be deployed as part of network or proxy infrastructure.
Security Architect’s Take: Identify any Azure workloads or self-managed VM deployments running Squid as a forward or reverse proxy and apply vendor patches immediately; if a patched version is not yet available, consider restricting cache digest peer communication or disabling ICP/cache digest features as a temporary mitigation.
Original advisory: CVE-2026-50012 Squid: Memory corruption in cache_digest reply handling