CERTFR-2026-AVI-0822
Vulnerability from certfr_avis - Published: 2026-07-01 - Updated: 2026-07-01
Multiple vulnerabilities have been discovered in Citrix products. Some of them allow an attacker to cause a remote denial of service, a breach of data confidentiality and a security issue not specified by the vendor.
Solutions
Refer to the vendor's security bulletin to obtain the fixes (see the Documentation section).
Impacted products
| Vendor | Product | Description |
|---|---|---|
| Citrix | NetScaler ADC | NetScaler ADC versions 13.1-FIPS and 13.1-NDcPP prior to 13.1.37.272 |
| Citrix | NetScaler | NetScaler ADC and NetScaler Gateway versions 13.1 prior to 13.1-63.18 |
| Citrix | NetScaler ADC | NetScaler ADC versions 14.1-FIPS prior to 14.1-72.61 FIPS |
| Citrix | NetScaler | NetScaler ADC and NetScaler Gateway versions 14.1 prior to 14.1-72.61 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NetScaler ADC versions 13.1-FIPS et 13.1-NDcPP ant\u00e9rieures \u00e0 13.1.37.272",
"product": {
"name": "NetScaler ADC",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "NetScaler ADC\u202fet NetScaler Gateway versions 13.1 ant\u00e9rieures \u00e0 13.1-63.18",
"product": {
"name": "NetScaler",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "NetScaler ADC versions 14.1-FIPS ant\u00e9rieures \u00e0 14.1-72.61 FIPS",
"product": {
"name": "NetScaler ADC",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "NetScaler ADC\u202fet NetScaler Gateway versions 14.1 ant\u00e9rieures \u00e0 14.1-72.61",
"product": {
"name": "NetScaler",
"vendor": {
"name": "Citrix",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-8452",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8452"
},
{
"name": "CVE-2026-8451",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8451"
},
{
"name": "CVE-2026-10817",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10817"
},
{
"name": "CVE-2026-10816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10816"
},
{
"name": "CVE-2026-8655",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8655"
},
{
"name": "CVE-2026-13474",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-13474"
}
],
"initial_release_date": "2026-07-01T00:00:00",
"last_revision_date": "2026-07-01T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0822",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-07-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
"vendor_advisories": [
{
"published_at": "2026-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX696604",
"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
}
]
}
CVE-2026-10816 (GCVE-0-2026-10816)
Vulnerability from cvelistv5 – Published: 2026-06-30 12:52 – Updated: 2026-06-30 13:28
Title
Arbitrary File Read (Unauthenticated)
Summary
Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-73 - External control of file name or path
Date Public
2026-06-30 12:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10816",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T13:28:37.909957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T13:28:45.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ADC",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1 FIPS",
"versionType": "patch"
},
{
"lessThan": "37.272",
"status": "affected",
"version": "13.1 FIPS and NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-30T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan\u003eArbitrary File Read (Unauthenticated) in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the a\u003c/span\u003e\u003cspan\u003eccess to NSIP, Cluster Management IP or SNIP with management access is enabled\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Arbitrary File Read (Unauthenticated) in\u00a0NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External control of file name or path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:59:25.926Z",
"orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"shortName": "NetScaler"
},
"references": [
{
"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Read (Unauthenticated)",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"assignerShortName": "NetScaler",
"cveId": "CVE-2026-10816",
"datePublished": "2026-06-30T12:52:14.461Z",
"dateReserved": "2026-06-04T05:48:47.634Z",
"dateUpdated": "2026-06-30T13:28:45.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10817 (GCVE-0-2026-10817)
Vulnerability from cvelistv5 – Published: 2026-06-30 12:58 – Updated: 2026-06-30 13:28
Title
Insufficient input validation leading to memory overread
Summary
Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds read
Date Public
2026-06-30 12:52
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10817",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T13:28:08.900923Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T13:28:19.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ADC",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1 FIPS",
"versionType": "patch"
},
{
"lessThan": "37.272",
"status": "affected",
"version": "13.1 FIPS and NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-30T12:52:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eInsufficient input validation leading to memory overread in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway if the\u0026nbsp;\u003c/span\u003e\u003cspan\u003eTCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Insufficient input validation leading to memory overread in\u00a0NetScaler ADC and NetScaler Gateway if the\u00a0TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:58:38.850Z",
"orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"shortName": "NetScaler"
},
"references": [
{
"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient input validation leading to memory overread",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"assignerShortName": "NetScaler",
"cveId": "CVE-2026-10817",
"datePublished": "2026-06-30T12:58:38.850Z",
"dateReserved": "2026-06-04T05:49:25.173Z",
"dateUpdated": "2026-06-30T13:28:19.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-13474 (GCVE-0-2026-13474)
Vulnerability from cvelistv5 – Published: 2026-06-30 13:03 – Updated: 2026-06-30 13:27
Title
Denial of service via malformed HTTP/2 requests
Summary
Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing release of memory after effective lifetime
Date Public
2026-06-30 12:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-13474",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T13:27:19.468802Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T13:27:27.938Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ADC",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1 FIPS",
"versionType": "patch"
},
{
"lessThan": "37.272",
"status": "affected",
"version": "13.1 FIPS and NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-30T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan\u003eDenial of service via malformed HTTP/2 requests in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eHTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler\u003c/span\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Denial of service via malformed HTTP/2 requests in\u00a0NetScaler ADC and NetScaler Gateway\u00a0if\u00a0HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Missing release of memory after effective lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T13:04:29.537Z",
"orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"shortName": "NetScaler"
},
"references": [
{
"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of service via malformed HTTP/2 requests",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"assignerShortName": "NetScaler",
"cveId": "CVE-2026-13474",
"datePublished": "2026-06-30T13:03:40.967Z",
"dateReserved": "2026-06-26T22:24:26.657Z",
"dateUpdated": "2026-06-30T13:27:27.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8451 (GCVE-0-2026-8451)
Vulnerability from cvelistv5 – Published: 2026-06-30 12:33 – Updated: 2026-06-30 13:43
Title
Insufficient input validation leading to memory overread
Summary
Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- awe-125
- CWE-125 - Out-of-bounds Read
Date Public
2026-06-30 12:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T13:43:33.940474Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T13:43:41.903Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ADC",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1 FIPs",
"versionType": "patch"
},
{
"lessThan": "37.272",
"status": "affected",
"version": "13.1 FIPS and NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-30T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eInsufficient input validation in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u003c/span\u003e\u003cspan\u003e\u0026nbsp;leading to memory overread if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC or NetScaler Gateway is configured as a SAML IDP\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Insufficient input validation in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to memory overread if\u00a0NetScaler ADC or NetScaler Gateway is configured as a SAML IDP"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "awe-125",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:55:53.680Z",
"orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"shortName": "NetScaler"
},
"references": [
{
"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient input validation leading to memory overread",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"assignerShortName": "NetScaler",
"cveId": "CVE-2026-8451",
"datePublished": "2026-06-30T12:33:08.999Z",
"dateReserved": "2026-05-13T00:35:53.452Z",
"dateUpdated": "2026-06-30T13:43:41.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8452 (GCVE-0-2026-8452)
Vulnerability from cvelistv5 – Published: 2026-06-30 12:41 – Updated: 2026-06-30 13:37
Title
Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service
Summary
Memory overflow vulnerability in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Date Public
2026-06-30 12:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8452",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T13:36:43.132060Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T13:37:04.747Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ADC",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1 FIPS",
"versionType": "patch"
},
{
"lessThan": "37.272",
"status": "affected",
"version": "13.1 FIPS and NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-30T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eMemory overflow vulnerability\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if the a\u003c/span\u003e\u003cspan\u003eppliance is configured as a\u0026nbsp;\u003c/span\u003e\u003cspan\u003eGateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or \u003c/span\u003e\u003cspan\u003eAAA virtual server\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Memory overflow vulnerability\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a\u00a0Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:57:25.158Z",
"orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"shortName": "NetScaler"
},
"references": [
{
"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"assignerShortName": "NetScaler",
"cveId": "CVE-2026-8452",
"datePublished": "2026-06-30T12:41:07.622Z",
"dateReserved": "2026-05-13T00:35:55.317Z",
"dateUpdated": "2026-06-30T13:37:04.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8655 (GCVE-0-2026-8655)
Vulnerability from cvelistv5 – Published: 2026-06-30 12:46 – Updated: 2026-06-30 13:33
Title
Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service
Summary
Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Date Public
2026-06-30 12:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8655",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-30T13:33:42.732082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T13:33:48.823Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ADC",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1 FIPS",
"versionType": "patch"
},
{
"lessThan": "37.272",
"status": "affected",
"version": "13.1 FIPS and NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "72.61",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "63.18",
"status": "affected",
"version": "13.1",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-30T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eMultiple Memory overflow vulnerabilities in\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC and NetScaler Gateway\u0026nbsp;\u003c/span\u003e\u003cspan\u003eleading to unpredictable or erroneous behavior and Denial of Service if\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as an LB of type Oracle\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u0026nbsp;\u003c/strong\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS Proxy\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u003c/strong\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003eNetScaler ADC is configured as a DNS recursive resolver deployment\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Multiple Memory overflow vulnerabilities in\u00a0NetScaler ADC and NetScaler Gateway\u00a0leading to unpredictable or erroneous behavior and Denial of Service if\u00a0NetScaler ADC is configured as an LB of type Oracle\u00a0OR\u00a0NetScaler ADC is configured as a DNS Proxy\u00a0OR\u00a0NetScaler ADC is configured as a DNS recursive resolver deployment"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:58:38.118Z",
"orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"shortName": "NetScaler"
},
"references": [
{
"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5",
"assignerShortName": "NetScaler",
"cveId": "CVE-2026-8655",
"datePublished": "2026-06-30T12:46:28.140Z",
"dateReserved": "2026-05-15T06:14:09.794Z",
"dateUpdated": "2026-06-30T13:33:48.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.