{"uuid": "cd982584-18e1-4ed1-98bf-a09513572609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "exploited", "source": "https://t.me/thehackernews/9400", "content": "\ud83d\udea8 Update - Citrix CVE-2026-8451 is now under active exploitation, less than 24 hours after disclosure.\n\nA Frankfurt IP hit sensors for 5 hours, delivering the watchTowr exploit only after a 200 OK response and skipping 404s.\n\nLearn the malformed SAML exploit path works: https://thehackernews.com/2026/07/citrix-patches-six-netscaler-flaws.html", "creation_timestamp": "2026-07-16T00:00:19.300938Z"}