AL26-016 - Vulnerability impacting Citrix NetScaler CVE-2026-8451
Number: AL26-016 Date: July 2, 2026 Audience This Alert is intended for IT professionals and managers. Purpose An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested. Details The Cyber Centre is aware of a vulnerability impacting NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS (Federal Information Processing Standards) Footnote 1 Footnote 2 . In response to the vendor advisory released on June 30, 2026, the Cyber Centre released AV26-645 on June 30, 2026 Footnote 3 . Tracked as CVE-2026-8451 Footnote 4 , this vulnerability is an insufficient input validation (CWE-125) Footnote 5 vulnerability affecting many NetScaler ADC and NetScaler Gateway versions. If exploited, this vulnerability can lead to memory overread, if NetScaler ADC or NetScaler Gateway is configured as a Security Assertion Markup Language (SAML) Identity Provider (idP). The vulnerability only impacts customer-managed NetScaler ADC and NetScaler Gateway. The cloud services managed by Citrix have been upgraded with the necessary software updates related to this vulnerability. Suggested actions The Cyber Centre recommends that organizations using Citrix NetScaler ADC, NetScaler Gateway, NetScaler ADC FIPS and NFcPP Footnote 1 appliances update or upgrade the affected systems to the following versions: Affected Product Affected Versions Fixed Versions NetScaler ADC and NetScaler Gateway 14.1 14.1 before 14.1-72.61 14.1-72.61 NetScaler ADC and NetScaler Gateway 13.1 13.1 before 13.1-63.18 13.1-63.18 NetScaler ADC FIPS versions prior to 14.1-72.61 FIPS 14.1-72.61 NetScaler ADC FIPS and NDcPP versions prior to 13.1-37.272 13.1-37.272 The Cyber Centre reco
CSIRTS triage
- What
- A vulnerability impacting NetScaler ADC and Gateway has been identified.
- Who is affected
- IT professionals and managers using Citrix NetScaler products.
- Urgency
- The urgency is unknown, but the vulnerability may impact cyber information assets.
- Action
- Review the vendor advisory and apply any necessary mitigations.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch NetScaler
Get an email when a new NetScaler advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://cyber.gc.ca/en/alerts-advisories/al26-016-vulnerability-impacting-citrix-netscaler-cve-2026-8451
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-84510.50% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 39% of all scored CVEs.
- Low exploitation riskCVE-2026-84520.49% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 38% of all scored CVEs.
- Low exploitation riskCVE-2026-86550.46% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 37% of all scored CVEs.
- Low exploitation riskCVE-2026-108160.41% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 33% of all scored CVEs.
- Low exploitation riskCVE-2026-108170.41% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 33% of all scored CVEs.
- Low exploitation riskCVE-2026-134740.44% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 35% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-8451 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-8452 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-8655 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-10816 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-10817 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-13474 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- unknownCitrix Products Multiple Vulnerabilitieshkcert
- high[UPDATE] [high] Citrix Systems NetScaler ADC and Gateway: Multiple vulnerabilitiescert-bund
- unknownMultiple vulnerabilities in Citrix products (July 1, 2026)cert-fr-avis
- unknownNCSC-2026-0216 [1.00] [M/H] Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gatewayncsc-nl
- criticalCitrix security advisory (AV26-645) – Update 1cccs
- criticalCVE-2026-8655: Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpr…nvd
- criticalCVE-2026-8452: Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or e…nvd
- highCVE-2026-8451: Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread…nvd
- highCVE-2026-13474: Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP…nvd
- highCVE-2026-10817: Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gatewa…nvd
- highCVE-2026-10816: Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to …nvd
More from Canadian Centre for Cyber Security
- unknownBitWarden security advisory (AV26-683)2026-07-10
- criticalAL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 12026-07-10
- unknownMicrosoft Edge security advisory (AV26-682)2026-07-10
- criticalBroadcom VMware security advisory (AV26-681)2026-07-10
- unknownDjango security advisory (AV26-084) – Update 12026-07-09