Squid Proxy CVE-2025-62168

MEDIUM
N/A vendor:alpine
Lifecycle Timeline

Analysis generated: May 27, 2026 - 23:06 (vuln.today)

Description (CVE.org)

Alpine Linux: squid fixed in 7.3-r0

Analysis (AI)

Squid web proxy on Alpine Linux is affected by a vulnerability addressed in Alpine package version 7.3-r0. The upstream nature and technical mechanism of this vulnerability are not disclosed in available intelligence - the CVE description contains only the fix reference with no detail on impact, attack vector, or affected functionality. Despite sparse public disclosure, the EPSS score of 12.69% (94th percentile) indicates a statistically elevated exploitation probability relative to the broader CVE population, making this a notable tracking priority even in the absence of confirmed active exploitation or a CISA KEV listing.

Technical Context (AI)

Squid is a widely-deployed open-source caching and forwarding web proxy supporting HTTP, HTTPS, FTP, and other protocols, commonly used in enterprise and ISP environments. The affected package is the Alpine Linux apk-packaged build of Squid, with the fix delivered in package version 7.3-r0, where '7.3' refers to the upstream Squid release and 'r0' denotes the initial Alpine package revision. No CWE classification has been assigned, so the root cause class - whether memory corruption, access control failure, input validation error, or another class - is unconfirmed. No CPE strings were provided, preventing precise version boundary identification beyond the Alpine packaging context.

Affected Products (AI)

Alpine Linux installations running the Squid proxy package prior to version 7.3-r0 are confirmed affected per the Alpine Linux vendor advisory. No upstream Squid project advisory or version range beyond the Alpine package boundary was provided in available intelligence. Exact Alpine Linux distribution versions (e.g., Alpine 3.x edge vs. stable) carrying the vulnerable package are not specified in the provided data. Administrators should consult the Alpine Linux security tracker and the official Alpine package repository to identify which Alpine release streams received the 7.3-r0 fix.

Remediation (AI)

The primary fix is to upgrade the Squid package on Alpine Linux to version 7.3-r0 or later using the Alpine package manager: 'apk update && apk upgrade squid'. This is the vendor-confirmed fix per the Alpine Linux security report. Because no CVSS vector or technical description is available, targeted compensating controls cannot be precisely scoped - however, standard Squid hardening applies as interim measures: restrict access to the Squid proxy port (default 3128) to known internal hosts via firewall rules, disable unused Squid features such as FTP proxying or SNMP if not required, and ensure Squid is not exposed to untrusted networks. Monitor the Alpine security tracker at https://security.alpinelinux.org and the Squid project advisories for additional technical detail as the CVE matures.