- Description
- Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
- Source
- 50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
- NVD status
- Analyzed
- Products
- netscaler_application_delivery_controller, netscaler_gateway
CVSS 4.0
- Type
- Secondary
- Base score
- 6.9
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
- 50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
- CWE-125
- Hype score
- Not currently trending
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-8451, CVE-2026-8452, CVE-2026-8655, CVE-2026-10816, CVE-2026-10817, and CVE-2026-13474 https://t.co/UGmoOer9KD #patchmanagement
@eyalestrin
4 Jul 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 6 high-severity Citrix NetScaler flaws - CVE-2026-8451 - CVE-2026-8452 - CVE-2026-8655 - CVE-2026-10816 - CVE-2026-10817 - CVE-2026-13474 All six stem from improper memory handling/input validation, enabling DoS and memory overflow. Fixes: - 14.1 → upgrade to 14.1-72.61
@techepages
1 Jul 2026
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨🚨 NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-8451, CVE-2026-8452, CVE-2026-8655, CVE-2026-10816, CVE-2026-10817, and CVE-2026-13474 https://t.co/5V1endcgNp
@autumn_good_35
1 Jul 2026
620 Impressions
0 Retweets
3 Likes
1 Bookmark
1 Reply
0 Quotes
🚨🚨🚨@cloudsoftware has just issued a security bulletin for @NetScaler 🚨🚨🚨 Severity: *** HIGH *** CVE: CVE-2026-8451 / CVE-2026-8452 / CVE-2026-8655 / CVE-2026-10816 / CVE-2026-10817 / CVE-2026-13474 For more information: https://t.co/GsLEmIbEMS
@jantytgat
30 Jun 2026
139 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"matchCriteriaId": "D8189708-5190-45E3-BF9A-7A429E87DFE7",
"versionEndExcluding": "13.1-37.272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*",
"matchCriteriaId": "D93A5760-5C50-4786-B981-24A7B35C3055",
"versionEndExcluding": "13.1-37.272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"matchCriteriaId": "BC139A27-D7CE-4D92-9A1F-09713C4C9546",
"versionEndExcluding": "13.1-63.18",
"versionStartIncluding": "13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"matchCriteriaId": "0108075C-1047-449C-A707-F2532770C2AD",
"versionEndExcluding": "14.1-72.61",
"versionStartIncluding": "14.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:14.1-66.68:*:*:*:fips:*:*:*",
"matchCriteriaId": "A2BC089B-97D0-4FDB-A336-74409DCDC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "962D2276-7285-41E2-A867-D464AE11677F",
"versionEndExcluding": "13.1-63.18",
"versionStartIncluding": "13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1591FBCE-57DD-416F-A858-E898B0946AB6",
"versionEndExcluding": "14.1-72.61",
"versionStartIncluding": "14.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]