NetScaler Security BulletinCVE-2026-8451 / CVE-2026-8452 / CVE-2026-8655 / CVE-2026-10816 / CVE-2026-10817 / CVE-2026-13474*** HIGH ***Quick linksUpgrade informationCheck your NetScaler version information.
DetailsCVE-2026-8452 - Score 8.8/10Pre-Conditions If you use any of the following features, you are impacted by this vulnerability!
Description Multiple memory overflow vulnerabilities leading to unpredictable or erroneous behavior and denial-of-service. CWE-119:
CVE-2026-8451 - Score 8.8/10Pre-Conditiions Citrix ADC or Citrix Gateway must be configured as a SAML IDP Description Insufficient input validation leading to memory overread CWE-125:
CVE-2026-8655 - Score 8.8/10Pre-Conditions Citrix ADC must be configured as either one of the following:
Description Multiple memory overflow vulnerabilities leading to unpredictable or erroneous behavior and denial-of-service. CWE-119:
CVE-2026-10816 - Score 7.1/10Pre-Conditions Access to either of the following IP addresses:
Description Arbitrary File Read (Unauthenticated) CWE-73:
CVE-2026-10817 - Score 6.9/10Pre-Conditions TCP timestamp enabled in TCP Profile, AND associated with a virtual server of type (LB, CS, VPN), or the service configured on NetScaler Description CWE-125:
CVE-2026-13474 - Score 8.7/10Pre-Conditions HTTP/2 enabled in HTTP profile AND associated with a virtual server of type (LB, CS, VPN) or the service configured on NetScaler Description Denial-of-service via malformed HTTP/2 requests CWE-401:
|