Citrix CVEs & Vulnerabilities

6 CVEs affecting Citrix products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

netscaler application delivery controller 12netscaler gateway 6
CVE-2026-8655CRITICAL

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment

30 Jun 2026
9.8
CVSS
CVE-2026-8452CRITICAL

Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server

30 Jun 2026
9.8
CVSS
CVE-2026-8451KEVHIGHin the wild

Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP

30 Jun 2026
7.5
CVSS
CVE-2026-13474HIGH

Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler

30 Jun 2026
7.5
CVSS
CVE-2026-10817HIGH

Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler

30 Jun 2026
7.5
CVSS
CVE-2026-10816HIGH

Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled

30 Jun 2026
7.5
CVSS
← PrevPage 1 / 1Next →