Summary

On June 23, 2026 researchers at Calif.io disclosed Squidbleed (CVE-2026-47729), a heap buffer over-read in the Squid proxy's FTP parser that has gone undetected for about 29 years and can leak adjacent users' HTTP request headers, Authorization tokens, API keys, and session credentials. The researchers found it with the aid of Anthropic's Claude Mythos Preview, the model behind Project Glasswing.

What changed

Calif.io publicly disclosed Squidbleed (CVE-2026-47729), a decades-old heap over-read in Squid's FTP parser affecting default configurations, and credited Anthropic's Claude Mythos Preview with quickly spotting the bug after being pointed at the relevant C code.

Why it matters

A frontier model surfacing a 29-year-old memory-safety bug that survived decades of audits is a concrete data point that AI can materially strengthen vulnerability research, reframing advanced models as offensive-and-defensive security tooling, not just coding assistants.

Evidence excerpt

Calif.io researchers discovered Squidbleed with the aid of Anthropic's Claude Mythos Preview, the model behind Project Glasswing; the FTP parser reads beyond a buffer into memory that may contain another user's uncleared HTTP request data, leaking Authorization tokens, API keys, and session credentials.

Sources