Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    1126 vulnerabilities by Citrix

    CERTFR-2026-AVI-0885

    Vulnerability from certfr_avis - Published: 2026-07-15 - Updated: 2026-07-15

    De multiples vulnérabilités ont été découvertes dans les produits Citrix. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Citrix Citrix Secure Access client Secure Access Client versions antérieures à 26.6.1.20 pour Windows
    Citrix N/A Endpoint Analysis Client versions antérieures à 26.5.1.7 pour Windows
    Citrix XenServer XenCenter versions antérieures à 2026.4.0
    Citrix XenServer XenCenter SDK client versions antérieures à 26.15.0 pour PowerShell et C#
    References
    Bulletin de sécurité Citrix CTX696811 2026-07-14 vendor-advisory
    Bulletin de sécurité Citrix CTX696734 2026-07-14 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Secure Access Client versions ant\u00e9rieures \u00e0 26.6.1.20 pour Windows",
          "product": {
            "name": "Citrix Secure Access client",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "Endpoint Analysis Client versions ant\u00e9rieures \u00e0 26.5.1.7 pour Windows",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "XenCenter versions ant\u00e9rieures \u00e0 2026.4.0",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "XenCenter SDK client versions ant\u00e9rieures \u00e0 26.15.0 pour PowerShell et C#",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-53565",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-53565"
        },
        {
          "name": "CVE-2026-42491",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42491"
        },
        {
          "name": "CVE-2026-53566",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-53566"
        }
      ],
      "initial_release_date": "2026-07-15T00:00:00",
      "last_revision_date": "2026-07-15T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0885",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-07-15T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        },
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
      "vendor_advisories": [
        {
          "published_at": "2026-07-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696811",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696811\u0026articleURL=XenServer_Security_Update_for_CVE_2026_42491"
        },
        {
          "published_at": "2026-07-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696734",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696734\u0026articleURL=Citrix_Secure_Access_Client_for_Windows_and_Citrix_Endpoint_Analysis_Client_for_Windows_Security_Bulletin_for_CVE_2026_53565_and_CVE_2026_53566"
        }
      ]
    }

    CERTFR-2026-AVI-0822

    Vulnerability from certfr_avis - Published: 2026-07-01 - Updated: 2026-07-01

    De multiples vulnérabilités ont été découvertes dans les produits Citrix. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un problème de sécurité non spécifié par l'éditeur.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Citrix NetScaler ADC NetScaler ADC versions 13.1-FIPS et 13.1-NDcPP antérieures à 13.1.37.272
    Citrix NetScaler NetScaler ADC et NetScaler Gateway versions 13.1 antérieures à 13.1-63.18
    Citrix NetScaler ADC NetScaler ADC versions 14.1-FIPS antérieures à 14.1-72.61 FIPS
    Citrix NetScaler NetScaler ADC et NetScaler Gateway versions 14.1 antérieures à 14.1-72.61
    References
    Bulletin de sécurité Citrix CTX696604 2026-06-30 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "NetScaler ADC  versions 13.1-FIPS et 13.1-NDcPP ant\u00e9rieures \u00e0 13.1.37.272",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC\u202fet NetScaler Gateway versions 13.1 ant\u00e9rieures \u00e0 13.1-63.18",
          "product": {
            "name": "NetScaler",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC  versions 14.1-FIPS ant\u00e9rieures \u00e0 14.1-72.61 FIPS",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC\u202fet NetScaler Gateway versions 14.1 ant\u00e9rieures \u00e0 14.1-72.61",
          "product": {
            "name": "NetScaler",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-8452",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-8452"
        },
        {
          "name": "CVE-2026-8451",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-8451"
        },
        {
          "name": "CVE-2026-10817",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-10817"
        },
        {
          "name": "CVE-2026-10816",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-10816"
        },
        {
          "name": "CVE-2026-8655",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-8655"
        },
        {
          "name": "CVE-2026-13474",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-13474"
        }
      ],
      "initial_release_date": "2026-07-01T00:00:00",
      "last_revision_date": "2026-07-01T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0822",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-07-01T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
      "vendor_advisories": [
        {
          "published_at": "2026-06-30",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696604",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
        }
      ]
    }

    CERTFR-2026-AVI-0510

    Vulnerability from certfr_avis - Published: 2026-04-29 - Updated: 2026-04-29

    De multiples vulnérabilités ont été découvertes dans Citrix XenServer. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et un contournement de la politique de sécurité.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Citrix XenServer XenServer versions 8.4 sans le dernier correctif de sécurité
    References
    Bulletin de sécurité Citrix CTX696527 2026-04-28 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "XenServer versions 8.4 sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-23559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23559"
        },
        {
          "name": "CVE-2026-23558",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23558"
        },
        {
          "name": "CVE-2025-54505",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-54505"
        },
        {
          "name": "CVE-2026-23556",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23556"
        },
        {
          "name": "CVE-2026-23561",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23561"
        },
        {
          "name": "CVE-2026-23560",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23560"
        }
      ],
      "initial_release_date": "2026-04-29T00:00:00",
      "last_revision_date": "2026-04-29T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0510",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-04-29T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Citrix XenServer. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2026-04-28",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696527",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696527\u0026articleURL=XenServer_Security_Update_for_Multiple_Issues"
        }
      ]
    }

    CERTFR-2026-AVI-0358

    Vulnerability from certfr_avis - Published: 2026-03-25 - Updated: 2026-03-25

    Une vulnérabilité a été découverte dans Citrix XenServer. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Citrix XenServer XenServer versions 8.4 sans le dernier correctif de sécurité
    References
    Bulletin de sécurité Citrix CTX696397 2026-03-25 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "XenServer versions 8.4 sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-4397",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4397"
        }
      ],
      "initial_release_date": "2026-03-25T00:00:00",
      "last_revision_date": "2026-03-25T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0358",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-25T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Citrix XenServer. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
      "title": "Vuln\u00e9rabilit\u00e9 dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2026-03-25",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696397",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696397\u0026articleURL=XenServer_Security_Update_for_CVE_2026_4397"
        }
      ]
    }

    CERTFR-2026-AVI-0337

    Vulnerability from certfr_avis - Published: 2026-03-23 - Updated: 2026-03-23

    De multiples vulnérabilités ont été découvertes dans les produits Citrix. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Citrix NetScaler Gateway NetScaler Gateway  versions 14.0.x antérieures à 14.1-66.59
    Citrix NetScaler ADC NetScaler ADC versions 14.0.x antérieures à 14.1-66.59
    Citrix NetScaler ADC NetScaler ADC 13.1-FIPS et 13.1-NDcPP versions antérieures à 13.1.37.262
    Citrix NetScaler Gateway NetScaler Gateway  versions 13.1.x antérieures à 13.1-62.23
    Citrix NetScaler ADC NetScaler ADC versions 13.1.x antérieures à 13.1-62.23
    References
    Bulletin de sécurité Citrix CTX696300 2026-03-23 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "NetScaler Gateway\u202f versions 14.0.x ant\u00e9rieures \u00e0 14.1-66.59",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions 14.0.x ant\u00e9rieures \u00e0 14.1-66.59",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC 13.1-FIPS et 13.1-NDcPP versions ant\u00e9rieures \u00e0 13.1.37.262",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler Gateway\u202f versions 13.1.x ant\u00e9rieures \u00e0 13.1-62.23",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions 13.1.x ant\u00e9rieures \u00e0 13.1-62.23",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-4368",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4368"
        },
        {
          "name": "CVE-2026-3055",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3055"
        }
      ],
      "initial_release_date": "2026-03-23T00:00:00",
      "last_revision_date": "2026-03-23T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0337",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-23T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
      "vendor_advisories": [
        {
          "published_at": "2026-03-23",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696300",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300\u0026articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2026_3055_and_CVE_2026_4368"
        }
      ]
    }

    CERTFR-2026-AVI-0311

    Vulnerability from certfr_avis - Published: 2026-03-18 - Updated: 2026-03-18

    Une vulnérabilité a été découverte dans Citrix XenServer. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Citrix XenServer XenServer 8.4 sans les derniers correctifs de sécurité
    References
    Bulletin de sécurité Citrix CTX696350 2026-03-17 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "XenServer 8.4 sans les derniers correctifs de s\u00e9curit\u00e9",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-23554",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23554"
        }
      ],
      "initial_release_date": "2026-03-18T00:00:00",
      "last_revision_date": "2026-03-18T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0311",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-18T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Citrix XenServer. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Vuln\u00e9rabilit\u00e9 dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2026-03-17",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696350",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696350\u0026articleURL=XenServer_Security_Update_for_CVE_2026_23554"
        }
      ]
    }

    CERTFR-2026-AVI-0090

    Vulnerability from certfr_avis - Published: 2026-01-27 - Updated: 2026-01-27

    De multiples vulnérabilités ont été découvertes dans Citrix XenServer. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à la confidentialité des données.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Citrix XenServer XenServer version 8.4 sans le dernier correctif de sécurité
    References
    Bulletin de sécurité Citrix CTX695997 2026-01-27 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "XenServer version 8.4 sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-23553",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23553"
        },
        {
          "name": "CVE-2025-58151",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-58151"
        }
      ],
      "initial_release_date": "2026-01-27T00:00:00",
      "last_revision_date": "2026-01-27T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0090",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-01-27T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Citrix XenServer. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2026-01-27",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX695997",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX695997\u0026articleURL=XenServer_Security_Update_for_CVE_2025_58151_and_CVE_2026_23553"
        }
      ]
    }

    CERTFR-2025-AVI-1081

    Vulnerability from certfr_avis - Published: 2025-12-09 - Updated: 2025-12-09

    Une vulnérabilité a été découverte dans Citrix XenServer. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Citrix XenServer XenServer 8.4 sur processeur AMD Zen 5 sans le microgiciel incluant le correctif de sécurité AGESA PI 1.0.0.4
    References
    Bulletin de sécurité Citrix CTX695797 2025-12-08 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": " XenServer 8.4 sur processeur AMD Zen 5 sans le microgiciel incluant le correctif de s\u00e9curit\u00e9 AGESA PI 1.0.0.4",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-62626",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-62626"
        }
      ],
      "initial_release_date": "2025-12-09T00:00:00",
      "last_revision_date": "2025-12-09T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-1081",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-12-09T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Citrix XenServer. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
      "title": "Vuln\u00e9rabilit\u00e9 dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2025-12-08",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX695797",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX695797\u0026articleURL=XenServer_Security_Update_for_CVE_2025_62626"
        }
      ]
    }

    CERTFR-2025-AVI-0987

    Vulnerability from certfr_avis - Published: 2025-11-12 - Updated: 2025-11-12

    Une vulnérabilité a été découverte dans les produits Citrix. Elle permet à un attaquant de provoquer une injection de code indirecte à distance (XSS).

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Citrix NetScaler ADC NetScaler ADC versions 13.1-FIPS et NDcPP antérieures à 13.1-37.250-FIPS et NDcPP
    Citrix NetScaler Gateway NetScaler Gateway versions 14.x antérieures à 14.1-56.73
    Citrix NetScaler ADC NetScaler ADC versions 12.1-FIPS et 12.1-NDcPP antérieures à 12.1-55.333-FIPS et NDcPP
    Citrix NetScaler ADC NetScaler ADC versions 14.x antérieures à 14.1-56.73
    Citrix NetScaler Gateway NetScaler Gateway versions antérieures à 13.1-60.32
    Citrix NetScaler ADC Netscaler ADC versions antérieures à 13.1-60.32
    References
    Bulletin de sécurité Citrix CTX695486 2025-11-11 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "NetScaler ADC versions 13.1-FIPS et NDcPP ant\u00e9rieures \u00e0 13.1-37.250-FIPS et NDcPP",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler Gateway versions 14.x ant\u00e9rieures \u00e0 14.1-56.73",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions 12.1-FIPS et 12.1-NDcPP ant\u00e9rieures \u00e0 12.1-55.333-FIPS et NDcPP",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions 14.x ant\u00e9rieures \u00e0 14.1-56.73",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler Gateway versions ant\u00e9rieures \u00e0 13.1-60.32",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "Netscaler ADC versions ant\u00e9rieures \u00e0 13.1-60.32",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-12101",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-12101"
        }
      ],
      "initial_release_date": "2025-11-12T00:00:00",
      "last_revision_date": "2025-11-12T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-0987",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-11-12T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Citrix. Elle permet \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0 distance (XSS).",
      "title": "Vuln\u00e9rabilit\u00e9 dans les produits Citrix",
      "vendor_advisories": [
        {
          "published_at": "2025-11-11",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX695486",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX695486\u0026articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_12101"
        }
      ]
    }

    CVE-2026-53566 (GCVE-0-2026-53566)

    Vulnerability from nvd – Published: 2026-07-14 13:12 – Updated: 2026-07-14 13:56
    VLAI
    Title
    Out-of-bounds memory read
    Summary
    Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows. This issue affects Citrix Secure Access Client for Windows: before 26.6.1.20.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Citrix Citrix Secure Access Client for Windows Affected: 0 , < 26.6.1.20 (patch)
    Create a notification for this product.
    Date Public
    2026-07-14 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53566",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T13:56:00.733974Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T13:56:09.574Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Citrix Secure Access Client for Windows",
              "vendor": "Citrix",
              "versions": [
                {
                  "lessThan": "26.6.1.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows.\u003cp\u003eThis issue affects Citrix Secure Access Client for Windows: before 26.6.1.20.\u003c/p\u003e"
                }
              ],
              "value": "Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows.\n\nThis issue affects Citrix Secure Access Client for Windows: before 26.6.1.20."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T13:12:57.829Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696734"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Out-of-bounds memory read",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2026-53566",
        "datePublished": "2026-07-14T13:12:57.829Z",
        "dateReserved": "2026-06-09T18:32:47.375Z",
        "dateUpdated": "2026-07-14T13:56:09.574Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53565 (GCVE-0-2026-53565)

    Vulnerability from nvd – Published: 2026-07-14 12:49 – Updated: 2026-07-15 04:00
    VLAI
    Title
    Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges
    Summary
    Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows. This issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Date Public
    2026-07-14 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53565",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T04:00:59.472Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Secure Access Client for Windows",
              "vendor": "Citrix",
              "versions": [
                {
                  "lessThan": "26.6.1.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Citrix Endpoint Analysis Client for Windows",
              "vendor": "Citrix",
              "versions": [
                {
                  "lessThan": "26. 5.1.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows.\u003cp\u003eThis issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7.\u003c/p\u003e"
                }
              ],
              "value": "Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows.\n\nThis issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T12:49:17.998Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696734"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2026-53565",
        "datePublished": "2026-07-14T12:49:17.998Z",
        "dateReserved": "2026-06-09T18:32:47.375Z",
        "dateUpdated": "2026-07-15T04:00:59.472Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8655 (GCVE-0-2026-8655)

    Vulnerability from nvd – Published: 2026-06-30 12:46 – Updated: 2026-06-30 13:33
    VLAI
    Title
    Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8655",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:33:42.732082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:33:48.823Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eMultiple Memory overflow vulnerabilities in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as an LB of type Oracle\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u0026nbsp;\u003c/strong\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS Proxy\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u003c/strong\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS recursive resolver deployment\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Multiple Memory overflow vulnerabilities in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if\u00a0NetScaler ADC is configured as an LB of type Oracle\u00a0OR\u00a0NetScaler ADC is configured as a DNS Proxy\u00a0OR\u00a0NetScaler ADC is configured as a DNS recursive resolver deployment"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:58:38.118Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8655",
        "datePublished": "2026-06-30T12:46:28.140Z",
        "dateReserved": "2026-05-15T06:14:09.794Z",
        "dateUpdated": "2026-06-30T13:33:48.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8452 (GCVE-0-2026-8452)

    Vulnerability from nvd – Published: 2026-06-30 12:41 – Updated: 2026-06-30 13:37
    VLAI
    Title
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8452",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:36:43.132060Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:37:04.747Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eMemory overflow vulnerability\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if the a\u003c/span\u003e\u003cspan\u003eppliance is configured as a\u0026nbsp;\u003c/span\u003e\u003cspan\u003eGateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or \u003c/span\u003e\u003cspan\u003eAAA virtual server\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Memory overflow vulnerability\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a\u00a0Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:57:25.158Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8452",
        "datePublished": "2026-06-30T12:41:07.622Z",
        "dateReserved": "2026-05-13T00:35:55.317Z",
        "dateUpdated": "2026-06-30T13:37:04.747Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8451 (GCVE-0-2026-8451)

    Vulnerability from nvd – Published: 2026-06-30 12:33 – Updated: 2026-06-30 13:43
    VLAI KEVIntel
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • awe-125
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPs , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8451",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:43:33.940474Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:43:41.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPs",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eInsufficient input validation in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;leading to memory overread if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC or NetScaler Gateway is configured as a SAML IDP\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to memory overread if\u00a0NetScaler ADC or NetScaler Gateway is configured as a SAML IDP"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "awe-125",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:55:53.680Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8451",
        "datePublished": "2026-06-30T12:33:08.999Z",
        "dateReserved": "2026-05-13T00:35:53.452Z",
        "dateUpdated": "2026-06-30T13:43:41.903Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-13474 (GCVE-0-2026-13474)

    Vulnerability from nvd – Published: 2026-06-30 13:03 – Updated: 2026-06-30 13:27
    VLAI
    Title
    Denial of service via malformed HTTP/2 requests
    Summary
    Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing release of memory after effective lifetime
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-13474",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:27:19.468802Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:27:27.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cspan\u003eDenial of service via malformed HTTP/2 requests in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eHTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "Denial of service via malformed HTTP/2 requests in\u00a0NetScaler ADC and NetScaler Gateway\u00a0if\u00a0HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401 Missing release of memory after effective lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T13:04:29.537Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Denial of service via malformed HTTP/2 requests",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-13474",
        "datePublished": "2026-06-30T13:03:40.967Z",
        "dateReserved": "2026-06-26T22:24:26.657Z",
        "dateUpdated": "2026-06-30T13:27:27.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10817 (GCVE-0-2026-10817)

    Vulnerability from nvd – Published: 2026-06-30 12:58 – Updated: 2026-06-30 13:28
    VLAI
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:52
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:08.900923Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:28:19.305Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:52:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eInsufficient input validation leading to memory overread in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the\u0026nbsp;\u003c/span\u003e\u003cspan\u003eTCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation leading to memory overread in\u00a0NetScaler ADC and NetScaler Gateway if the\u00a0TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:58:38.850Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-10817",
        "datePublished": "2026-06-30T12:58:38.850Z",
        "dateReserved": "2026-06-04T05:49:25.173Z",
        "dateUpdated": "2026-06-30T13:28:19.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10816 (GCVE-0-2026-10816)

    Vulnerability from nvd – Published: 2026-06-30 12:52 – Updated: 2026-06-30 13:28
    VLAI
    Title
    Arbitrary File Read (Unauthenticated)
    Summary
    Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External control of file name or path
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:37.909957Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:28:45.455Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cspan\u003eArbitrary File Read (Unauthenticated) in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the a\u003c/span\u003e\u003cspan\u003eccess to NSIP, Cluster Management IP or SNIP with management access is enabled\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "Arbitrary File Read (Unauthenticated) in\u00a0NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73 External control of file name or path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:59:25.926Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Arbitrary File Read (Unauthenticated)",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-10816",
        "datePublished": "2026-06-30T12:52:14.461Z",
        "dateReserved": "2026-06-04T05:48:47.634Z",
        "dateUpdated": "2026-06-30T13:28:45.455Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3055 (GCVE-0-2026-3055)

    Vulnerability from nvd – Published: 2026-03-23 20:21 – Updated: 2026-03-31 03:55
    VLAI CISA Shadowserver KEVIntel
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 66.59 (patch)
    Affected: 13.1 , < 62.23 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.262 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 66.59 (patch)
    Affected: 13.1 , < 62.23 (patch)
    Create a notification for this product.
    Date Public
    2026-03-23 19:20
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3055",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-03-30",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-31T03:55:32.569Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory"
                ],
                "url": "https://labs.watchtowr.com/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-30T00:00:00.000Z",
                "value": "CVE-2026-3055 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "66.59",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "62.23",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.262",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "66.59",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "62.23",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-03-23T19:20:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient input validation in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;configured as a SAML IDP\u0026nbsp;\u003c/span\u003eleading to\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;memory overread\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation in\u00a0NetScaler ADC and NetScaler Gateway when\u00a0configured as a SAML IDP\u00a0leading to\u00a0memory overread"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-23T20:21:27.107Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-3055",
        "datePublished": "2026-03-23T20:21:27.107Z",
        "dateReserved": "2026-02-23T18:00:08.900Z",
        "dateUpdated": "2026-03-31T03:55:32.569Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-7776 (GCVE-0-2025-7776)

    Vulnerability from nvd – Published: 2025-08-26 13:03 – Updated: 2025-08-27 14:33
    VLAI
    Title
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 47.48 (patch)
    Affected: 13.1 , < 59.22 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.241 (patch)
    Affected: 12.1 FIPS and NDcPP , < 55.330 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 47.48 (patch)
    Affected: 13.1 , < 59.22 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.241 (patch)
    Affected: 12.1 FIPS and NDcPP , < 55.330 (patch)
    Create a notification for this product.
    Date Public
    2025-08-26 12:59
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7776",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-27T14:33:04.448715Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-27T14:33:12.503Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2025-08-26T12:59:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service\u003c/span\u003e\u0026nbsp;in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it \u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service\u00a0in\u00a0NetScaler ADC and NetScaler Gateway when\u00a0NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-26T13:03:42.316Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2025-7776",
        "datePublished": "2025-08-26T13:03:42.316Z",
        "dateReserved": "2025-07-17T20:39:15.456Z",
        "dateUpdated": "2025-08-27T14:33:12.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-7775 (GCVE-0-2025-7775)

    Vulnerability from nvd – Published: 2025-08-26 12:56 – Updated: 2026-02-26 17:48
    VLAI CISA KEVIntel
    Title
    Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service
    Summary
    Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 47.48 (patch)
    Affected: 13.1 , < 59.22 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.241 (patch)
    Affected: 12.1 FIPS and NDcPP , < 55.330 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 47.48 (patch)
    Affected: 13.1 , < 59.22 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.241 (patch)
    Affected: 12.1 FIPS and NDcPP , < 55.330 (patch)
    Create a notification for this product.
    Date Public
    2025-08-26 12:52
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7775",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-27T03:55:14.429609Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-08-26",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-7775"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:48:12.091Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-7775"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-08-26T00:00:00.000Z",
                "value": "CVE-2025-7775 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2025-08-26T12:52:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory overflow vulnerability leading to Remote Code Execution and/or Denial of Service\u003c/span\u003e in \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u0026nbsp;\u003cp\u003eNetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server\u003c/p\u003e\u003cp\u003e(OR)\u003c/p\u003e\u003cp\u003eNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers \u003c/p\u003e\u003cp\u003e(OR)\u003c/p\u003e\u003cp\u003eNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers\u003c/p\u003e\u003cp\u003e(OR)\u003c/p\u003e\u003cp\u003eCR virtual server with type HDX\u003c/p\u003e\u003c/span\u003e"
                }
              ],
              "value": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when\u00a0NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server\n\n(OR)\n\nNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers \n\n(OR)\n\nNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers\n\n(OR)\n\nCR virtual server with type HDX"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 9.2,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-26T12:56:53.794Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2025-7775",
        "datePublished": "2025-08-26T12:56:53.794Z",
        "dateReserved": "2025-07-17T20:39:14.032Z",
        "dateUpdated": "2026-02-26T17:48:12.091Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53566 (GCVE-0-2026-53566)

    Vulnerability from cvelistv5 – Published: 2026-07-14 13:12 – Updated: 2026-07-14 13:56
    VLAI
    Title
    Out-of-bounds memory read
    Summary
    Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows. This issue affects Citrix Secure Access Client for Windows: before 26.6.1.20.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Citrix Citrix Secure Access Client for Windows Affected: 0 , < 26.6.1.20 (patch)
    Create a notification for this product.
    Date Public
    2026-07-14 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53566",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T13:56:00.733974Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-14T13:56:09.574Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Citrix Secure Access Client for Windows",
              "vendor": "Citrix",
              "versions": [
                {
                  "lessThan": "26.6.1.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows.\u003cp\u003eThis issue affects Citrix Secure Access Client for Windows: before 26.6.1.20.\u003c/p\u003e"
                }
              ],
              "value": "Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows.\n\nThis issue affects Citrix Secure Access Client for Windows: before 26.6.1.20."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T13:12:57.829Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696734"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Out-of-bounds memory read",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2026-53566",
        "datePublished": "2026-07-14T13:12:57.829Z",
        "dateReserved": "2026-06-09T18:32:47.375Z",
        "dateUpdated": "2026-07-14T13:56:09.574Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53565 (GCVE-0-2026-53565)

    Vulnerability from cvelistv5 – Published: 2026-07-14 12:49 – Updated: 2026-07-15 04:00
    VLAI
    Title
    Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges
    Summary
    Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows. This issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Date Public
    2026-07-14 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53565",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-14T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T04:00:59.472Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Secure Access Client for Windows",
              "vendor": "Citrix",
              "versions": [
                {
                  "lessThan": "26.6.1.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Citrix Endpoint Analysis Client for Windows",
              "vendor": "Citrix",
              "versions": [
                {
                  "lessThan": "26. 5.1.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows.\u003cp\u003eThis issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7.\u003c/p\u003e"
                }
              ],
              "value": "Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows.\n\nThis issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T12:49:17.998Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696734"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2026-53565",
        "datePublished": "2026-07-14T12:49:17.998Z",
        "dateReserved": "2026-06-09T18:32:47.375Z",
        "dateUpdated": "2026-07-15T04:00:59.472Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-13474 (GCVE-0-2026-13474)

    Vulnerability from cvelistv5 – Published: 2026-06-30 13:03 – Updated: 2026-06-30 13:27
    VLAI
    Title
    Denial of service via malformed HTTP/2 requests
    Summary
    Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing release of memory after effective lifetime
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-13474",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:27:19.468802Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:27:27.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cspan\u003eDenial of service via malformed HTTP/2 requests in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eHTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "Denial of service via malformed HTTP/2 requests in\u00a0NetScaler ADC and NetScaler Gateway\u00a0if\u00a0HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401 Missing release of memory after effective lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T13:04:29.537Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Denial of service via malformed HTTP/2 requests",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-13474",
        "datePublished": "2026-06-30T13:03:40.967Z",
        "dateReserved": "2026-06-26T22:24:26.657Z",
        "dateUpdated": "2026-06-30T13:27:27.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10817 (GCVE-0-2026-10817)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:58 – Updated: 2026-06-30 13:28
    VLAI
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:52
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:08.900923Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:28:19.305Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:52:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eInsufficient input validation leading to memory overread in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the\u0026nbsp;\u003c/span\u003e\u003cspan\u003eTCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation leading to memory overread in\u00a0NetScaler ADC and NetScaler Gateway if the\u00a0TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:58:38.850Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-10817",
        "datePublished": "2026-06-30T12:58:38.850Z",
        "dateReserved": "2026-06-04T05:49:25.173Z",
        "dateUpdated": "2026-06-30T13:28:19.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10816 (GCVE-0-2026-10816)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:52 – Updated: 2026-06-30 13:28
    VLAI
    Title
    Arbitrary File Read (Unauthenticated)
    Summary
    Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External control of file name or path
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:37.909957Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:28:45.455Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cspan\u003eArbitrary File Read (Unauthenticated) in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the a\u003c/span\u003e\u003cspan\u003eccess to NSIP, Cluster Management IP or SNIP with management access is enabled\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "Arbitrary File Read (Unauthenticated) in\u00a0NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73 External control of file name or path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:59:25.926Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Arbitrary File Read (Unauthenticated)",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-10816",
        "datePublished": "2026-06-30T12:52:14.461Z",
        "dateReserved": "2026-06-04T05:48:47.634Z",
        "dateUpdated": "2026-06-30T13:28:45.455Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8655 (GCVE-0-2026-8655)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:46 – Updated: 2026-06-30 13:33
    VLAI
    Title
    Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8655",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:33:42.732082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:33:48.823Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eMultiple Memory overflow vulnerabilities in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as an LB of type Oracle\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u0026nbsp;\u003c/strong\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS Proxy\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u003c/strong\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS recursive resolver deployment\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Multiple Memory overflow vulnerabilities in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if\u00a0NetScaler ADC is configured as an LB of type Oracle\u00a0OR\u00a0NetScaler ADC is configured as a DNS Proxy\u00a0OR\u00a0NetScaler ADC is configured as a DNS recursive resolver deployment"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:58:38.118Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8655",
        "datePublished": "2026-06-30T12:46:28.140Z",
        "dateReserved": "2026-05-15T06:14:09.794Z",
        "dateUpdated": "2026-06-30T13:33:48.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8452 (GCVE-0-2026-8452)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:41 – Updated: 2026-06-30 13:37
    VLAI
    Title
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8452",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:36:43.132060Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:37:04.747Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eMemory overflow vulnerability\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if the a\u003c/span\u003e\u003cspan\u003eppliance is configured as a\u0026nbsp;\u003c/span\u003e\u003cspan\u003eGateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or \u003c/span\u003e\u003cspan\u003eAAA virtual server\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Memory overflow vulnerability\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a\u00a0Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:57:25.158Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8452",
        "datePublished": "2026-06-30T12:41:07.622Z",
        "dateReserved": "2026-05-13T00:35:55.317Z",
        "dateUpdated": "2026-06-30T13:37:04.747Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8451 (GCVE-0-2026-8451)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:33 – Updated: 2026-06-30 13:43
    VLAI KEVIntel
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • awe-125
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPs , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Create a notification for this product.
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8451",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:43:33.940474Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:43:41.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPs",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eInsufficient input validation in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;leading to memory overread if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC or NetScaler Gateway is configured as a SAML IDP\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to memory overread if\u00a0NetScaler ADC or NetScaler Gateway is configured as a SAML IDP"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "awe-125",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:55:53.680Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8451",
        "datePublished": "2026-06-30T12:33:08.999Z",
        "dateReserved": "2026-05-13T00:35:53.452Z",
        "dateUpdated": "2026-06-30T13:43:41.903Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3055 (GCVE-0-2026-3055)

    Vulnerability from cvelistv5 – Published: 2026-03-23 20:21 – Updated: 2026-03-31 03:55
    VLAI CISA Shadowserver KEVIntel
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 66.59 (patch)
    Affected: 13.1 , < 62.23 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.262 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 66.59 (patch)
    Affected: 13.1 , < 62.23 (patch)
    Create a notification for this product.
    Date Public
    2026-03-23 19:20
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3055",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-03-30",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-31T03:55:32.569Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory"
                ],
                "url": "https://labs.watchtowr.com/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-30T00:00:00.000Z",
                "value": "CVE-2026-3055 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "66.59",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "62.23",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.262",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "66.59",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "62.23",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-03-23T19:20:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient input validation in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;configured as a SAML IDP\u0026nbsp;\u003c/span\u003eleading to\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;memory overread\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation in\u00a0NetScaler ADC and NetScaler Gateway when\u00a0configured as a SAML IDP\u00a0leading to\u00a0memory overread"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-23T20:21:27.107Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-3055",
        "datePublished": "2026-03-23T20:21:27.107Z",
        "dateReserved": "2026-02-23T18:00:08.900Z",
        "dateUpdated": "2026-03-31T03:55:32.569Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-7776 (GCVE-0-2025-7776)

    Vulnerability from cvelistv5 – Published: 2025-08-26 13:03 – Updated: 2025-08-27 14:33
    VLAI
    Title
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 47.48 (patch)
    Affected: 13.1 , < 59.22 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.241 (patch)
    Affected: 12.1 FIPS and NDcPP , < 55.330 (patch)
    Create a notification for this product.
    NetScaler Gateway Affected: 14.1 , < 47.48 (patch)
    Affected: 13.1 , < 59.22 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.241 (patch)
    Affected: 12.1 FIPS and NDcPP , < 55.330 (patch)
    Create a notification for this product.
    Date Public
    2025-08-26 12:59
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7776",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-27T14:33:04.448715Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-27T14:33:12.503Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2025-08-26T12:59:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service\u003c/span\u003e\u0026nbsp;in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it \u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service\u00a0in\u00a0NetScaler ADC and NetScaler Gateway when\u00a0NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-26T13:03:42.316Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2025-7776",
        "datePublished": "2025-08-26T13:03:42.316Z",
        "dateReserved": "2025-07-17T20:39:15.456Z",
        "dateUpdated": "2025-08-27T14:33:12.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }