    1111 vulnerabilities by citrix

    CERTFR-2026-AVI-0822

    Vulnerability from certfr_avis - Published: 2026-07-01 - Updated: 2026-07-01

    Multiple vulnerabilities have been discovered in Citrix products. Some of them allow an attacker to cause a remote denial of service, a breach of data confidentiality, and a security problem not specified by the vendor.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor | Product | Description
    Citrix | NetScaler ADC | NetScaler ADC versions 13.1-FIPS and 13.1-NDcPP prior to 13.1.37.272
    Citrix | NetScaler | NetScaler ADC and NetScaler Gateway versions 13.1 prior to 13.1-63.18
    Citrix | NetScaler ADC | NetScaler ADC versions 14.1-FIPS prior to 14.1-72.61 FIPS
    Citrix | NetScaler | NetScaler ADC and NetScaler Gateway versions 14.1 prior to 14.1-72.61
    References
    Citrix security bulletin CTX696604 | 2026-06-30 | vendor-advisory

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "NetScaler ADC  versions 13.1-FIPS et 13.1-NDcPP ant\u00e9rieures \u00e0 13.1.37.272",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC\u202fet NetScaler Gateway versions 13.1 ant\u00e9rieures \u00e0 13.1-63.18",
          "product": {
            "name": "NetScaler",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC  versions 14.1-FIPS ant\u00e9rieures \u00e0 14.1-72.61 FIPS",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC\u202fet NetScaler Gateway versions 14.1 ant\u00e9rieures \u00e0 14.1-72.61",
          "product": {
            "name": "NetScaler",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-8452",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-8452"
        },
        {
          "name": "CVE-2026-8451",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-8451"
        },
        {
          "name": "CVE-2026-10817",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-10817"
        },
        {
          "name": "CVE-2026-10816",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-10816"
        },
        {
          "name": "CVE-2026-8655",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-8655"
        },
        {
          "name": "CVE-2026-13474",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-13474"
        }
      ],
      "initial_release_date": "2026-07-01T00:00:00",
      "last_revision_date": "2026-07-01T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0822",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-07-01T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
      "vendor_advisories": [
        {
          "published_at": "2026-06-30",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696604",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
        }
      ]
    }

    CERTFR-2026-AVI-0510

    Vulnerability from certfr_avis - Published: 2026-04-29 - Updated: 2026-04-29

    Multiple vulnerabilities have been discovered in Citrix XenServer. Some of them allow an attacker to cause a privilege escalation, a remote denial of service, and a security policy bypass.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor | Product | Description
    Citrix | XenServer | XenServer versions 8.4 without the latest security patch
    References
    Citrix security bulletin CTX696527 | 2026-04-28 | vendor-advisory

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "XenServer versions 8.4 sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-23559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23559"
        },
        {
          "name": "CVE-2026-23558",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23558"
        },
        {
          "name": "CVE-2025-54505",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-54505"
        },
        {
          "name": "CVE-2026-23556",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23556"
        },
        {
          "name": "CVE-2026-23561",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23561"
        },
        {
          "name": "CVE-2026-23560",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23560"
        }
      ],
      "initial_release_date": "2026-04-29T00:00:00",
      "last_revision_date": "2026-04-29T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0510",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-04-29T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Citrix XenServer. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2026-04-28",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696527",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696527\u0026articleURL=XenServer_Security_Update_for_Multiple_Issues"
        }
      ]
    }

    CERTFR-2026-AVI-0358

    Vulnerability from certfr_avis - Published: 2026-03-25 - Updated: 2026-03-25

    A vulnerability has been discovered in Citrix XenServer. It allows an attacker to cause a breach of data confidentiality.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor | Product | Description
    Citrix | XenServer | XenServer versions 8.4 without the latest security patch
    References
    Citrix security bulletin CTX696397 | 2026-03-25 | vendor-advisory

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "XenServer versions 8.4 sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-4397",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4397"
        }
      ],
      "initial_release_date": "2026-03-25T00:00:00",
      "last_revision_date": "2026-03-25T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0358",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-25T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Citrix XenServer. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
      "title": "Vuln\u00e9rabilit\u00e9 dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2026-03-25",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696397",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696397\u0026articleURL=XenServer_Security_Update_for_CVE_2026_4397"
        }
      ]
    }

    CERTFR-2026-AVI-0337

    Vulnerability from certfr_avis - Published: 2026-03-23 - Updated: 2026-03-23

    Multiple vulnerabilities have been discovered in Citrix products. They allow an attacker to cause a breach of data confidentiality and a security policy bypass.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor | Product | Description
    Citrix | NetScaler Gateway | NetScaler Gateway versions 14.0.x prior to 14.1-66.59
    Citrix | NetScaler ADC | NetScaler ADC versions 14.0.x prior to 14.1-66.59
    Citrix | NetScaler ADC | NetScaler ADC 13.1-FIPS and 13.1-NDcPP versions prior to 13.1.37.262
    Citrix | NetScaler Gateway | NetScaler Gateway versions 13.1.x prior to 13.1-62.23
    Citrix | NetScaler ADC | NetScaler ADC versions 13.1.x prior to 13.1-62.23
    References
    Citrix security bulletin CTX696300 | 2026-03-23 | vendor-advisory

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "NetScaler Gateway\u202f versions 14.0.x ant\u00e9rieures \u00e0 14.1-66.59",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions 14.0.x ant\u00e9rieures \u00e0 14.1-66.59",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC 13.1-FIPS et 13.1-NDcPP versions ant\u00e9rieures \u00e0 13.1.37.262",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler Gateway\u202f versions 13.1.x ant\u00e9rieures \u00e0 13.1-62.23",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions 13.1.x ant\u00e9rieures \u00e0 13.1-62.23",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-4368",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4368"
        },
        {
          "name": "CVE-2026-3055",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3055"
        }
      ],
      "initial_release_date": "2026-03-23T00:00:00",
      "last_revision_date": "2026-03-23T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0337",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-23T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
      "vendor_advisories": [
        {
          "published_at": "2026-03-23",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696300",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300\u0026articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2026_3055_and_CVE_2026_4368"
        }
      ]
    }

    CERTFR-2026-AVI-0311

    Vulnerability from certfr_avis - Published: 2026-03-18 - Updated: 2026-03-18

    A vulnerability has been discovered in Citrix XenServer. It allows an attacker to cause a security policy bypass.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor | Product | Description
    Citrix | XenServer | XenServer 8.4 without the latest security patches
    References
    Citrix security bulletin CTX696350 | 2026-03-17 | vendor-advisory

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "XenServer 8.4 sans les derniers correctifs de s\u00e9curit\u00e9",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-23554",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23554"
        }
      ],
      "initial_release_date": "2026-03-18T00:00:00",
      "last_revision_date": "2026-03-18T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0311",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-18T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Citrix XenServer. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Vuln\u00e9rabilit\u00e9 dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2026-03-17",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696350",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696350\u0026articleURL=XenServer_Security_Update_for_CVE_2026_23554"
        }
      ]
    }

    CERTFR-2026-AVI-0090

    Vulnerability from certfr_avis - Published: 2026-01-27 - Updated: 2026-01-27

    Multiple vulnerabilities have been discovered in Citrix XenServer. They allow an attacker to cause a remote denial of service and a breach of data confidentiality.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor | Product | Description
    Citrix | XenServer | XenServer version 8.4 without the latest security patch
    References
    Citrix security bulletin CTX695997 | 2026-01-27 | vendor-advisory

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "XenServer version 8.4 sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-23553",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23553"
        },
        {
          "name": "CVE-2025-58151",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-58151"
        }
      ],
      "initial_release_date": "2026-01-27T00:00:00",
      "last_revision_date": "2026-01-27T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0090",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-01-27T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Citrix XenServer. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2026-01-27",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX695997",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX695997\u0026articleURL=XenServer_Security_Update_for_CVE_2025_58151_and_CVE_2026_23553"
        }
      ]
    }

    CERTFR-2025-AVI-1081

    Vulnerability from certfr_avis - Published: 2025-12-09 - Updated: 2025-12-09

    A vulnerability has been discovered in Citrix XenServer. It allows an attacker to cause a breach of data confidentiality and a breach of data integrity.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor | Product | Description
    Citrix | XenServer | XenServer 8.4 on AMD Zen 5 processors without the firmware that includes the AGESA PI 1.0.0.4 security fix
    References
    Citrix security bulletin CTX695797 | 2025-12-08 | vendor-advisory

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": " XenServer 8.4 sur processeur AMD Zen 5 sans le microgiciel incluant le correctif de s\u00e9curit\u00e9 AGESA PI 1.0.0.4",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-62626",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-62626"
        }
      ],
      "initial_release_date": "2025-12-09T00:00:00",
      "last_revision_date": "2025-12-09T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-1081",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-12-09T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Citrix XenServer. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
      "title": "Vuln\u00e9rabilit\u00e9 dans Citrix XenServer",
      "vendor_advisories": [
        {
          "published_at": "2025-12-08",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX695797",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX695797\u0026articleURL=XenServer_Security_Update_for_CVE_2025_62626"
        }
      ]
    }

    CERTFR-2025-AVI-0987

    Vulnerability from certfr_avis - Published: 2025-11-12 - Updated: 2025-11-12

    A vulnerability has been discovered in Citrix products. It allows an attacker to cause remote indirect code injection (XSS).

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor | Product | Description
    Citrix | NetScaler ADC | NetScaler ADC versions 13.1-FIPS and NDcPP prior to 13.1-37.250-FIPS and NDcPP
    Citrix | NetScaler Gateway | NetScaler Gateway versions 14.x prior to 14.1-56.73
    Citrix | NetScaler ADC | NetScaler ADC versions 12.1-FIPS and 12.1-NDcPP prior to 12.1-55.333-FIPS and NDcPP
    Citrix | NetScaler ADC | NetScaler ADC versions 14.x prior to 14.1-56.73
    Citrix | NetScaler Gateway | NetScaler Gateway versions prior to 13.1-60.32
    Citrix | NetScaler ADC | NetScaler ADC versions prior to 13.1-60.32
    References
    Citrix security bulletin CTX695486 | 2025-11-11 | vendor-advisory

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "NetScaler ADC versions 13.1-FIPS et NDcPP ant\u00e9rieures \u00e0 13.1-37.250-FIPS et NDcPP",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler Gateway versions 14.x ant\u00e9rieures \u00e0 14.1-56.73",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions 12.1-FIPS et 12.1-NDcPP ant\u00e9rieures \u00e0 12.1-55.333-FIPS et NDcPP",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions 14.x ant\u00e9rieures \u00e0 14.1-56.73",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler Gateway versions ant\u00e9rieures \u00e0 13.1-60.32",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "Netscaler ADC versions ant\u00e9rieures \u00e0 13.1-60.32",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-12101",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-12101"
        }
      ],
      "initial_release_date": "2025-11-12T00:00:00",
      "last_revision_date": "2025-11-12T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-0987",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-11-12T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Citrix. Elle permet \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0 distance (XSS).",
      "title": "Vuln\u00e9rabilit\u00e9 dans les produits Citrix",
      "vendor_advisories": [
        {
          "published_at": "2025-11-11",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX695486",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX695486\u0026articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_12101"
        }
      ]
    }

    CERTFR-2025-AVI-0730

    Vulnerability from certfr_avis - Published: - Updated:

    Multiple vulnerabilities have been discovered in Citrix NetScaler ADC and NetScaler Gateway. They allow an attacker to cause remote arbitrary code execution, a remote denial of service, and a security policy bypass.

    Citrix states that vulnerability CVE-2025-7775 is being actively exploited.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Citrix notes that versions 12.1 and 13.0 of NetScaler ADC and NetScaler Gateway are end-of-life and will no longer receive security updates. The vendor recommends migrating to a maintained, up-to-date version.

    Impacted products
    Vendor | Product | Description
    Citrix | NetScaler Gateway | NetScaler Gateway versions prior to 13.1-59.22
    Citrix | NetScaler ADC | NetScaler ADC versions prior to 14.1-47.48
    Citrix | NetScaler ADC | NetScaler ADC versions prior to 13.1-59.22
    Citrix | NetScaler ADC | NetScaler ADC 12.1-FIPS and 12.1-NDcPP versions prior to 12.1-55.330
    Citrix | NetScaler Gateway | NetScaler Gateway versions prior to 14.1-47.48
    Citrix | NetScaler ADC | NetScaler ADC 13.1-FIPS and 13.1-NDcPP versions prior to 13.1-37.241
    References
    Citrix security bulletin CTX694938 | 2025-08-26 | vendor-advisory

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "NetScaler Gateway versions ant\u00e9rieures \u00e0 13.1-59.22",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions ant\u00e9rieures \u00e0 14.1-47.48",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions ant\u00e9rieures \u00e0 13.1-59.22",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC 12.1-FIPS et 12.1-NDcPP versions ant\u00e9rieures \u00e0 12.1-55.330",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler Gateway versions ant\u00e9rieures \u00e0 14.1-47.48",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC 13.1-FIPS et 13.1-NDcPP versions ant\u00e9rieures \u00e0 13.1-37.241",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "Citrix rappelle que les versions 12.1 and 13.0 de NetScaler ADC et NetScaler Gateway sont obsol\u00e8tes et ne recevront plus de mises \u00e0 jour de s\u00e9curit\u00e9. L\u0027\u00e9diteur recommande de migrer vers une version maintenue et \u00e0 jour.",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-7776",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-7776"
        },
        {
          "name": "CVE-2025-7775",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-7775"
        },
        {
          "name": "CVE-2025-8424",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-8424"
        }
      ],
      "links": [],
      "reference": "CERTFR-2025-AVI-0730",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-08-26T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Citrix NetScaler ADC et NetScaler Gateway.  Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n\nCitrix indique que la vuln\u00e9rabilit\u00e9 CVE-2025-7775 est activement exploit\u00e9e.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix NetScaler ADC et NetScaler Gateway",
      "vendor_advisories": [
        {
          "published_at": "2025-08-26",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX694938",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938\u0026articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424"
        }
      ]
    }

    CERTFR-2025-AVI-0568

    Vulnerability from certfr_avis - Published: - Updated:

    Multiple vulnerabilities have been discovered in Citrix products. They allow an attacker to cause privilege escalation and a breach of data confidentiality.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor Product Description
    Citrix Virtual Apps and Desktops Citrix Virtual Apps and Desktops versions 2402 LTSR CU1 without the Update 1 security fix
    Citrix Virtual Apps and Desktops Citrix Virtual Apps and Desktops versions prior to 2503
    Citrix XenServer XenServer version 8.4 without the latest security fix
    Citrix Virtual Apps and Desktops Citrix Virtual Apps and Desktops versions 2402 LTSR CU2 without the Update 1 security fix
    References
    Citrix security bulletin CTX694846 2025-07-08 vendor-advisory
    Citrix security bulletin CTX694820 2025-07-08 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Citrix Virtual Apps and Desktops versions 2402 LTSR CU1 sans le correctif de s\u00e9curit\u00e9 Update 1",
          "product": {
            "name": "Virtual Apps and Desktops",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "Citrix Virtual Apps and Desktops versions ant\u00e9rieures \u00e0 2503",
          "product": {
            "name": "Virtual Apps and Desktops",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "XenServer version 8.4 sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "XenServer",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "Citrix Virtual Apps and Desktops versions 2402 LTSR CU2 sans le correctif de s\u00e9curit\u00e9 Update 1",
          "product": {
            "name": "Virtual Apps and Desktops",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-6759",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-6759"
        },
        {
          "name": "CVE-2024-36357",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-36357"
        },
        {
          "name": "CVE-2024-36350",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-36350"
        }
      ],
      "links": [],
      "reference": "CERTFR-2025-AVI-0568",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-07-09T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        },
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
      "vendor_advisories": [
        {
          "published_at": "2025-07-08",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX694846",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694846\u0026articleURL=XenServer_Security_Update_for_CVE_2024_36350_and_CVE_2024_36357"
        },
        {
          "published_at": "2025-07-08",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX694820",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694820\u0026articleURL=Windows_Virtual_Delivery_Agent_for_CVAD_and_Citrix_DaaS_Security_Bulletin_CVE_2025_6759"
        }
      ]
    }

    CVE-2026-8655 (GCVE-0-2026-8655)

    Vulnerability from nvd – Published: 2026-06-30 12:46 – Updated: 2026-06-30 13:33
    VLAI
    Title
    Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8655",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:33:42.732082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:33:48.823Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eMultiple Memory overflow vulnerabilities in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as an LB of type Oracle\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u0026nbsp;\u003c/strong\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS Proxy\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u003c/strong\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS recursive resolver deployment\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Multiple Memory overflow vulnerabilities in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if\u00a0NetScaler ADC is configured as an LB of type Oracle\u00a0OR\u00a0NetScaler ADC is configured as a DNS Proxy\u00a0OR\u00a0NetScaler ADC is configured as a DNS recursive resolver deployment"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:58:38.118Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8655",
        "datePublished": "2026-06-30T12:46:28.140Z",
        "dateReserved": "2026-05-15T06:14:09.794Z",
        "dateUpdated": "2026-06-30T13:33:48.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8452 (GCVE-0-2026-8452)

    Vulnerability from nvd – Published: 2026-06-30 12:41 – Updated: 2026-06-30 13:37
    VLAI
    Title
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8452",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:36:43.132060Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:37:04.747Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eMemory overflow vulnerability\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if the a\u003c/span\u003e\u003cspan\u003eppliance is configured as a\u0026nbsp;\u003c/span\u003e\u003cspan\u003eGateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or \u003c/span\u003e\u003cspan\u003eAAA virtual server\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Memory overflow vulnerability\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a\u00a0Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:57:25.158Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8452",
        "datePublished": "2026-06-30T12:41:07.622Z",
        "dateReserved": "2026-05-13T00:35:55.317Z",
        "dateUpdated": "2026-06-30T13:37:04.747Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8451 (GCVE-0-2026-8451)

    Vulnerability from nvd – Published: 2026-06-30 12:33 – Updated: 2026-06-30 13:43
    VLAI KEVIntel
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • awe-125
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPs , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8451",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:43:33.940474Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:43:41.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPs",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eInsufficient input validation in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;leading to memory overread if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC or NetScaler Gateway is configured as a SAML IDP\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to memory overread if\u00a0NetScaler ADC or NetScaler Gateway is configured as a SAML IDP"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "awe-125",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:55:53.680Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8451",
        "datePublished": "2026-06-30T12:33:08.999Z",
        "dateReserved": "2026-05-13T00:35:53.452Z",
        "dateUpdated": "2026-06-30T13:43:41.903Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-13474 (GCVE-0-2026-13474)

    Vulnerability from nvd – Published: 2026-06-30 13:03 – Updated: 2026-06-30 13:27
    VLAI
    Title
    Denial of service via malformed HTTP/2 requests
    Summary
    Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing release of memory after effective lifetime
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-13474",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:27:19.468802Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:27:27.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cspan\u003eDenial of service via malformed HTTP/2 requests in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eHTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "Denial of service via malformed HTTP/2 requests in\u00a0NetScaler ADC and NetScaler Gateway\u00a0if\u00a0HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401 Missing release of memory after effective lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T13:04:29.537Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Denial of service via malformed HTTP/2 requests",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-13474",
        "datePublished": "2026-06-30T13:03:40.967Z",
        "dateReserved": "2026-06-26T22:24:26.657Z",
        "dateUpdated": "2026-06-30T13:27:27.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10817 (GCVE-0-2026-10817)

    Vulnerability from nvd – Published: 2026-06-30 12:58 – Updated: 2026-06-30 13:28
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:52
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:08.900923Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:28:19.305Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:52:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eInsufficient input validation leading to memory overread in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the\u0026nbsp;\u003c/span\u003e\u003cspan\u003eTCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation leading to memory overread in\u00a0NetScaler ADC and NetScaler Gateway if the\u00a0TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:58:38.850Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-10817",
        "datePublished": "2026-06-30T12:58:38.850Z",
        "dateReserved": "2026-06-04T05:49:25.173Z",
        "dateUpdated": "2026-06-30T13:28:19.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10816 (GCVE-0-2026-10816)

    Vulnerability from nvd – Published: 2026-06-30 12:52 – Updated: 2026-06-30 13:28
    Title
    Arbitrary File Read (Unauthenticated)
    Summary
    Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External control of file name or path
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:37.909957Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:28:45.455Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cspan\u003eArbitrary File Read (Unauthenticated) in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the a\u003c/span\u003e\u003cspan\u003eccess to NSIP, Cluster Management IP or SNIP with management access is enabled\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "Arbitrary File Read (Unauthenticated) in\u00a0NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73 External control of file name or path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:59:25.926Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Arbitrary File Read (Unauthenticated)",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-10816",
        "datePublished": "2026-06-30T12:52:14.461Z",
        "dateReserved": "2026-06-04T05:48:47.634Z",
        "dateUpdated": "2026-06-30T13:28:45.455Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3055 (GCVE-0-2026-3055)

    Vulnerability from nvd – Published: 2026-03-23 20:21 – Updated: 2026-03-31 03:55
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 66.59 (patch)
    Affected: 13.1 , < 62.23 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.262 (patch)
    NetScaler Gateway Affected: 14.1 , < 66.59 (patch)
    Affected: 13.1 , < 62.23 (patch)
    Date Public
    2026-03-23 19:20
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3055",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-03-30",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-31T03:55:32.569Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory"
                ],
                "url": "https://labs.watchtowr.com/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-30T00:00:00.000Z",
                "value": "CVE-2026-3055 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "66.59",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "62.23",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.262",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "66.59",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "62.23",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-03-23T19:20:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient input validation in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;configured as a SAML IDP\u0026nbsp;\u003c/span\u003eleading to\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;memory overread\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation in\u00a0NetScaler ADC and NetScaler Gateway when\u00a0configured as a SAML IDP\u00a0leading to\u00a0memory overread"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-23T20:21:27.107Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-3055",
        "datePublished": "2026-03-23T20:21:27.107Z",
        "dateReserved": "2026-02-23T18:00:08.900Z",
        "dateUpdated": "2026-03-31T03:55:32.569Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-7776 (GCVE-0-2025-7776)

    Vulnerability from nvd – Published: 2025-08-26 13:03 – Updated: 2025-08-27 14:33
    Title
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 47.48 (patch)
    Affected: 13.1 , < 59.22 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.241 (patch)
    Affected: 12.1 FIPS and NDcPP , < 55.330 (patch)
    NetScaler Gateway Affected: 14.1 , < 47.48 (patch)
    Affected: 13.1 , < 59.22 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.241 (patch)
    Affected: 12.1 FIPS and NDcPP , < 55.330 (patch)
    Date Public
    2025-08-26 12:59
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7776",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-27T14:33:04.448715Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-27T14:33:12.503Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2025-08-26T12:59:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service\u003c/span\u003e\u0026nbsp;in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it \u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service\u00a0in\u00a0NetScaler ADC and NetScaler Gateway when\u00a0NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-26T13:03:42.316Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2025-7776",
        "datePublished": "2025-08-26T13:03:42.316Z",
        "dateReserved": "2025-07-17T20:39:15.456Z",
        "dateUpdated": "2025-08-27T14:33:12.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-7775 (GCVE-0-2025-7775)

    Vulnerability from nvd – Published: 2025-08-26 12:56 – Updated: 2026-02-26 17:48
    VLAI CISA KEVIntel
    Title
    Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service
    Summary
    Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
    (OR)
    NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers
    (OR)
    NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers
    (OR)
    CR virtual server with type HDX
    SSVC
    Exploitation: active; Automatable: no; Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor | Product | Version
    NetScaler | ADC | Affected: 14.1, < 47.48 (patch)
    NetScaler | ADC | Affected: 13.1, < 59.22 (patch)
    NetScaler | ADC | Affected: 13.1 FIPS and NDcPP, < 37.241 (patch)
    NetScaler | ADC | Affected: 12.1 FIPS and NDcPP, < 55.330 (patch)
    NetScaler | Gateway | Affected: 14.1, < 47.48 (patch)
    NetScaler | Gateway | Affected: 13.1, < 59.22 (patch)
    NetScaler | Gateway | Affected: 13.1 FIPS and NDcPP, < 37.241 (patch)
    NetScaler | Gateway | Affected: 12.1 FIPS and NDcPP, < 55.330 (patch)
    Date Public
    2025-08-26 12:52

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7775",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-27T03:55:14.429609Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-08-26",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-7775"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:48:12.091Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-7775"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-08-26T00:00:00.000Z",
                "value": "CVE-2025-7775 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2025-08-26T12:52:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory overflow vulnerability leading to Remote Code Execution and/or Denial of Service\u003c/span\u003e in \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u0026nbsp;\u003cp\u003eNetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server\u003c/p\u003e\u003cp\u003e(OR)\u003c/p\u003e\u003cp\u003eNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers \u003c/p\u003e\u003cp\u003e(OR)\u003c/p\u003e\u003cp\u003eNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers\u003c/p\u003e\u003cp\u003e(OR)\u003c/p\u003e\u003cp\u003eCR virtual server with type HDX\u003c/p\u003e\u003c/span\u003e"
                }
              ],
              "value": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when\u00a0NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server\n\n(OR)\n\nNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers \n\n(OR)\n\nNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers\n\n(OR)\n\nCR virtual server with type HDX"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 9.2,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-26T12:56:53.794Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2025-7775",
        "datePublished": "2025-08-26T12:56:53.794Z",
        "dateReserved": "2025-07-17T20:39:14.032Z",
        "dateUpdated": "2026-02-26T17:48:12.091Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-6759 (GCVE-0-2025-6759)

    Vulnerability from nvd – Published: 2025-07-08 21:41 – Updated: 2026-02-26 17:51
    Title
    Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges
    Summary
    Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS
    SSVC
    Exploitation: none; Automatable: no; Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor | Product | Version
    Citrix | Windows Virtual Delivery Agent for CVAD and Citrix DaaS | Affected: Current Release (CR), < 2503 (patch)
    Citrix | Windows Virtual Delivery Agent for CVAD and Citrix DaaS | Affected: Long Term Service Release (LTSR), ≤ 2402 LTSR CU2 (patch)
    Date Public
    2025-07-08 12:31

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6759",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-10T03:56:00.709839Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:01.693Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Windows Virtual Delivery Agent for CVAD and Citrix DaaS",
              "vendor": "Citrix",
              "versions": [
                {
                  "lessThan": "2503",
                  "status": "affected",
                  "version": "Current Release (CR)",
                  "versionType": "patch"
                },
                {
                  "lessThanOrEqual": "2402 LTSR CU2",
                  "status": "affected",
                  "version": "Long Term Service Release (LTSR)",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2025-07-08T12:31:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eLocal Privilege escalation allows a low-privileged user to gain SYSTEM privileges\u0026nbsp;\u003c/span\u003ein Windows Virtual Delivery Agent for CVAD and Citrix DaaS"
                }
              ],
              "value": "Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges\u00a0in Windows Virtual Delivery Agent for CVAD and Citrix DaaS"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-08T21:41:21.902Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694820"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2025-6759",
        "datePublished": "2025-07-08T21:41:21.902Z",
        "dateReserved": "2025-06-27T01:20:50.330Z",
        "dateUpdated": "2026-02-26T17:51:01.693Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-13474 (GCVE-0-2026-13474)

    Vulnerability from cvelistv5 – Published: 2026-06-30 13:03 – Updated: 2026-06-30 13:27
    Title
    Denial of service via malformed HTTP/2 requests
    Summary
    Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
    SSVC
    Exploitation: none; Automatable: yes; Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing release of memory after effective lifetime
    Assigner
    Impacted products
    Vendor | Product | Version
    NetScaler | ADC | Affected: 14.1, < 72.61 (patch)
    NetScaler | ADC | Affected: 13.1, < 63.18 (patch)
    NetScaler | ADC | Affected: 14.1 FIPS, < 72.61 (patch)
    NetScaler | ADC | Affected: 13.1 FIPS and NDcPP, < 37.272 (patch)
    NetScaler | Gateway | Affected: 14.1, < 72.61 (patch)
    NetScaler | Gateway | Affected: 13.1, < 63.18 (patch)
    Date Public
    2026-06-30 12:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-13474",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:27:19.468802Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:27:27.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cspan\u003eDenial of service via malformed HTTP/2 requests in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eHTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "Denial of service via malformed HTTP/2 requests in\u00a0NetScaler ADC and NetScaler Gateway\u00a0if\u00a0HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401 Missing release of memory after effective lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T13:04:29.537Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Denial of service via malformed HTTP/2 requests",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-13474",
        "datePublished": "2026-06-30T13:03:40.967Z",
        "dateReserved": "2026-06-26T22:24:26.657Z",
        "dateUpdated": "2026-06-30T13:27:27.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10817 (GCVE-0-2026-10817)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:58 – Updated: 2026-06-30 13:28
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
    SSVC
    Exploitation: none; Automatable: yes; Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor | Product | Version
    NetScaler | ADC | Affected: 14.1, < 72.61 (patch)
    NetScaler | ADC | Affected: 13.1, < 63.18 (patch)
    NetScaler | ADC | Affected: 14.1 FIPS, < 72.61 (patch)
    NetScaler | ADC | Affected: 13.1 FIPS and NDcPP, < 37.272 (patch)
    NetScaler | Gateway | Affected: 14.1, < 72.61 (patch)
    NetScaler | Gateway | Affected: 13.1, < 63.18 (patch)
    Date Public
    2026-06-30 12:52

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:08.900923Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:28:19.305Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:52:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eInsufficient input validation leading to memory overread in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the\u0026nbsp;\u003c/span\u003e\u003cspan\u003eTCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation leading to memory overread in\u00a0NetScaler ADC and NetScaler Gateway if the\u00a0TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:58:38.850Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-10817",
        "datePublished": "2026-06-30T12:58:38.850Z",
        "dateReserved": "2026-06-04T05:49:25.173Z",
        "dateUpdated": "2026-06-30T13:28:19.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10816 (GCVE-0-2026-10816)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:52 – Updated: 2026-06-30 13:28
    VLAI
    Title
    Arbitrary File Read (Unauthenticated)
    Summary
    Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External control of file name or path
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:37.909957Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:28:45.455Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cspan\u003eArbitrary File Read (Unauthenticated) in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the a\u003c/span\u003e\u003cspan\u003eccess to NSIP, Cluster Management IP or SNIP with management access is enabled\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "Arbitrary File Read (Unauthenticated) in\u00a0NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73 External control of file name or path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:59:25.926Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Arbitrary File Read (Unauthenticated)",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-10816",
        "datePublished": "2026-06-30T12:52:14.461Z",
        "dateReserved": "2026-06-04T05:48:47.634Z",
        "dateUpdated": "2026-06-30T13:28:45.455Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8655 (GCVE-0-2026-8655)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:46 – Updated: 2026-06-30 13:33
    VLAI
    Title
    Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8655",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:33:42.732082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:33:48.823Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eMultiple Memory overflow vulnerabilities in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as an LB of type Oracle\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u0026nbsp;\u003c/strong\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS Proxy\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u003c/strong\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS recursive resolver deployment\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Multiple Memory overflow vulnerabilities in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if\u00a0NetScaler ADC is configured as an LB of type Oracle\u00a0OR\u00a0NetScaler ADC is configured as a DNS Proxy\u00a0OR\u00a0NetScaler ADC is configured as a DNS recursive resolver deployment"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:58:38.118Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8655",
        "datePublished": "2026-06-30T12:46:28.140Z",
        "dateReserved": "2026-05-15T06:14:09.794Z",
        "dateUpdated": "2026-06-30T13:33:48.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8452 (GCVE-0-2026-8452)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:41 – Updated: 2026-06-30 13:37
    VLAI
    Title
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPS , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8452",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:36:43.132060Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:37:04.747Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPS",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eMemory overflow vulnerability\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if the a\u003c/span\u003e\u003cspan\u003eppliance is configured as a\u0026nbsp;\u003c/span\u003e\u003cspan\u003eGateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or \u003c/span\u003e\u003cspan\u003eAAA virtual server\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Memory overflow vulnerability\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a\u00a0Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:57:25.158Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8452",
        "datePublished": "2026-06-30T12:41:07.622Z",
        "dateReserved": "2026-05-13T00:35:55.317Z",
        "dateUpdated": "2026-06-30T13:37:04.747Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8451 (GCVE-0-2026-8451)

    Vulnerability from cvelistv5 – Published: 2026-06-30 12:33 – Updated: 2026-06-30 13:43
    VLAI KEVIntel
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • awe-125
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    NetScaler ADC Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Affected: 14.1 FIPs , < 72.61 (patch)
    Affected: 13.1 FIPS and NDcPP , < 37.272 (patch)
    NetScaler Gateway Affected: 14.1 , < 72.61 (patch)
    Affected: 13.1 , < 63.18 (patch)
    Date Public
    2026-06-30 12:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8451",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:43:33.940474Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:43:41.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1 FIPs",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.272",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "72.61",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "63.18",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-30T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003eInsufficient input validation in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;leading to memory overread if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC or NetScaler Gateway is configured as a SAML IDP\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to memory overread if\u00a0NetScaler ADC or NetScaler Gateway is configured as a SAML IDP"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "awe-125",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T12:55:53.680Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-8451",
        "datePublished": "2026-06-30T12:33:08.999Z",
        "dateReserved": "2026-05-13T00:35:53.452Z",
        "dateUpdated": "2026-06-30T13:43:41.903Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3055 (GCVE-0-2026-3055)

    Vulnerability from cvelistv5 – Published: 2026-03-23 20:21 – Updated: 2026-03-31 03:55
    Title
    Insufficient input validation leading to memory overread
    Summary
    Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor     Product  Version
    NetScaler  ADC      Affected: 14.1, < 66.59 (patch)
                        Affected: 13.1, < 62.23 (patch)
                        Affected: 13.1 FIPS and NDcPP, < 37.262 (patch)
    NetScaler  Gateway  Affected: 14.1, < 66.59 (patch)
                        Affected: 13.1, < 62.23 (patch)
    Date Public
    2026-03-23 19:20

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3055",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-03-30",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-31T03:55:32.569Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory"
                ],
                "url": "https://labs.watchtowr.com/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-30T00:00:00.000Z",
                "value": "CVE-2026-3055 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "66.59",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "62.23",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.262",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "66.59",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "62.23",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-03-23T19:20:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient input validation in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;configured as a SAML IDP\u0026nbsp;\u003c/span\u003eleading to\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;memory overread\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Insufficient input validation in\u00a0NetScaler ADC and NetScaler Gateway when\u00a0configured as a SAML IDP\u00a0leading to\u00a0memory overread"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-23T20:21:27.107Z",
            "orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
            "shortName": "NetScaler"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insufficient input validation leading to memory overread",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
        "assignerShortName": "NetScaler",
        "cveId": "CVE-2026-3055",
        "datePublished": "2026-03-23T20:21:27.107Z",
        "dateReserved": "2026-02-23T18:00:08.900Z",
        "dateUpdated": "2026-03-31T03:55:32.569Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-7776 (GCVE-0-2025-7776)

    Vulnerability from cvelistv5 – Published: 2025-08-26 13:03 – Updated: 2025-08-27 14:33
    Title
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service
    Summary
    Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor     Product  Version
    NetScaler  ADC      Affected: 14.1, < 47.48 (patch)
                        Affected: 13.1, < 59.22 (patch)
                        Affected: 13.1 FIPS and NDcPP, < 37.241 (patch)
                        Affected: 12.1 FIPS and NDcPP, < 55.330 (patch)
    NetScaler  Gateway  Affected: 14.1, < 47.48 (patch)
                        Affected: 13.1, < 59.22 (patch)
                        Affected: 13.1 FIPS and NDcPP, < 37.241 (patch)
                        Affected: 12.1 FIPS and NDcPP, < 55.330 (patch)
    Date Public
    2025-08-26 12:59

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7776",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-27T14:33:04.448715Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-27T14:33:12.503Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2025-08-26T12:59:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service\u003c/span\u003e\u0026nbsp;in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it \u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service\u00a0in\u00a0NetScaler ADC and NetScaler Gateway when\u00a0NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-26T13:03:42.316Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2025-7776",
        "datePublished": "2025-08-26T13:03:42.316Z",
        "dateReserved": "2025-07-17T20:39:15.456Z",
        "dateUpdated": "2025-08-27T14:33:12.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-7775 (GCVE-0-2025-7775)

    Vulnerability from cvelistv5 – Published: 2025-08-26 12:56 – Updated: 2026-02-26 17:48
    Title
    Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service
    Summary
    Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
    (OR)
    NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers
    (OR)
    NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers
    (OR)
    CR virtual server with type HDX
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor     Product  Version
    NetScaler  ADC      Affected: 14.1, < 47.48 (patch)
                        Affected: 13.1, < 59.22 (patch)
                        Affected: 13.1 FIPS and NDcPP, < 37.241 (patch)
                        Affected: 12.1 FIPS and NDcPP, < 55.330 (patch)
    NetScaler  Gateway  Affected: 14.1, < 47.48 (patch)
                        Affected: 13.1, < 59.22 (patch)
                        Affected: 13.1 FIPS and NDcPP, < 37.241 (patch)
                        Affected: 12.1 FIPS and NDcPP, < 55.330 (patch)
    Date Public
    2025-08-26 12:52

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7775",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-27T03:55:14.429609Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-08-26",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-7775"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:48:12.091Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-7775"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-08-26T00:00:00.000Z",
                "value": "CVE-2025-7775 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ADC",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Gateway",
              "vendor": "NetScaler",
              "versions": [
                {
                  "lessThan": "47.48",
                  "status": "affected",
                  "version": "14.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "59.22",
                  "status": "affected",
                  "version": "13.1",
                  "versionType": "patch"
                },
                {
                  "lessThan": "37.241",
                  "status": "affected",
                  "version": "13.1 FIPS and NDcPP",
                  "versionType": "patch"
                },
                {
                  "lessThan": "55.330",
                  "status": "affected",
                  "version": "12.1 FIPS and NDcPP",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2025-08-26T12:52:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory overflow vulnerability leading to Remote Code Execution and/or Denial of Service\u003c/span\u003e in \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway when\u0026nbsp;\u003cp\u003eNetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server\u003c/p\u003e\u003cp\u003e(OR)\u003c/p\u003e\u003cp\u003eNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers \u003c/p\u003e\u003cp\u003e(OR)\u003c/p\u003e\u003cp\u003eNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers\u003c/p\u003e\u003cp\u003e(OR)\u003c/p\u003e\u003cp\u003eCR virtual server with type HDX\u003c/p\u003e\u003c/span\u003e"
                }
              ],
              "value": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when\u00a0NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server\n\n(OR)\n\nNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers \n\n(OR)\n\nNetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers\n\n(OR)\n\nCR virtual server with type HDX"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 9.2,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-26T12:56:53.794Z",
            "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
            "shortName": "Citrix"
          },
          "references": [
            {
              "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "assignerShortName": "Citrix",
        "cveId": "CVE-2025-7775",
        "datePublished": "2025-08-26T12:56:53.794Z",
        "dateReserved": "2025-07-17T20:39:14.032Z",
        "dateUpdated": "2026-02-26T17:48:12.091Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CERTFR-2025-ALE-012

    Vulnerability from certfr_alerte - Published: 2025-08-26 - Updated: 2025-09-26

    On 26 August 2025, Citrix published a security bulletin (see the Documentation section) concerning, among others, the vulnerability CVE-2025-7775.

    It allows remote arbitrary code execution and affects all versions of Citrix NetScaler ADC and NetScaler Gateway, in certain configurations detailed by the vendor.

    Citrix states that the vulnerability CVE-2025-7775 is being actively exploited.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    CERT-FR recommends applying the patches as soon as possible.

    Citrix reminds users that versions 12.1 and 13.0 of NetScaler ADC and NetScaler Gateway are end-of-life and will no longer receive security updates. The vendor recommends migrating to a supported, up-to-date version.

    Impacted products
    Vendor  Product            Description
    Citrix  NetScaler Gateway  NetScaler Gateway versions prior to 13.1-59.22
    Citrix  NetScaler ADC      NetScaler ADC versions prior to 14.1-47.48
    Citrix  NetScaler ADC      NetScaler ADC versions prior to 13.1-59.22
    Citrix  NetScaler ADC      NetScaler ADC 12.1-FIPS and 12.1-NDcPP versions prior to 12.1-55.330
    Citrix  NetScaler Gateway  NetScaler Gateway versions prior to 14.1-47.48
    Citrix  NetScaler ADC      NetScaler ADC 13.1-FIPS and 13.1-NDcPP versions prior to 13.1-37.241


    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "NetScaler Gateway versions ant\u00e9rieures \u00e0 13.1-59.22",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions ant\u00e9rieures \u00e0 14.1-47.48",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC versions ant\u00e9rieures \u00e0 13.1-59.22",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC 12.1-FIPS et 12.1-NDcPP versions ant\u00e9rieures \u00e0 12.1-55.330",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler Gateway versions ant\u00e9rieures \u00e0 14.1-47.48",
          "product": {
            "name": "NetScaler Gateway",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        },
        {
          "description": "NetScaler ADC 13.1-FIPS et 13.1-NDcPP versions ant\u00e9rieures \u00e0 13.1-37.241",
          "product": {
            "name": "NetScaler ADC",
            "vendor": {
              "name": "Citrix",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "Citrix rappelle que les versions 12.1 and 13.0 de NetScaler ADC et NetScaler Gateway sont obsol\u00e8tes et ne recevront plus de mises \u00e0 jour de s\u00e9curit\u00e9. L\u0027\u00e9diteur recommande de migrer vers une version maintenue et \u00e0 jour.",
      "closed_at": "2025-09-26",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).\n\nLe CERT-FR recommande l\u0027application des correctifs dans les plus brefs d\u00e9lais.",
      "cves": [
        {
          "name": "CVE-2025-7775",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-7775"
        }
      ],
      "initial_release_date": "2025-08-26T00:00:00",
      "last_revision_date": "2025-09-26T00:00:00",
      "links": [
        {
          "title": "Avis CERT-FR CERTFR-2025-AVI-0730 du 26 ao\u00fbt 2025 ",
          "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-0730/"
        },
        {
          "title": "Compromission d\u0027un \u00e9quipement de bordure r\u00e9seau - Endiguement",
          "url": "https://www.cert.ssi.gouv.fr/fiche/CERTFR-2025-RFX-002/"
        },
        {
          "title": "Recommendations de Citrix en cas de soup\u00e7ons de compromission",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694799"
        },
        {
          "title": "Compromission d\u0027un \u00e9quipement de bordure r\u00e9seau - Qualification",
          "url": "https://www.cert.ssi.gouv.fr/fiche/CERTFR-2025-RFX-001/"
        }
      ],
      "reference": "CERTFR-2025-ALE-012",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-08-26T00:00:00.000000"
        },
        {
          "description": "     Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
          "revision_date": "2025-09-26T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        }
      ],
      "summary": "Le 26 ao\u00fbt 2025, Citrix a publi\u00e9 un bulletin de s\u00e9curit\u00e9 (cf. section Documentation) concernant, entre autres, la vuln\u00e9rabilit\u00e9 CVE-2025-7775.\n\nCelle-ci permet une ex\u00e9cution de code arbitraire \u00e0 distance et affecte toutes les versions de Citrix NetScaler ADC et NetScaler Gateway, dans certaines configurations d\u00e9taill\u00e9es par l\u0027\u00e9diteur.\n\nCitrix indique que la vuln\u00e9rabilit\u00e9 CVE-2025-7775 est activement exploit\u00e9e.\n\n",
      "title": "Vuln\u00e9rabilit\u00e9 dans Citrix NetScaler ADC et NetScaler Gateway",
      "vendor_advisories": [
        {
          "published_at": "2025-08-26",
          "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX694938",
          "url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938"
        }
      ]
    }