CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

NCSC-2026-0216 [1.00] [M/H] Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway

unknownpublic exploitCVE-2026-8451CVE-2026-10817CVE-2026-8452CVE-2026-8655CVE-2026-13474CVE-2026-10816
Citrix has fixed vulnerabilities in NetScaler ADC and NetScaler Gateway related to insufficient input validation, improper access control, and incorrect memory release. The vulnerabilities with CVE-2026-8451 and CVE-2026-10817 arise from insufficient input validation, where the software does not correctly check input sizes and limits. This can lead to memory overreads, potentially resulting in unauthorized disclosure of sensitive information when the products are configured as SAML IDP, or when TCP TimeStamp is enabled on a TCP profile linked to a virtual server of type: Load Balancing (LB), Content Switching (CS), or VPN. The vulnerabilities with CVE-2026-8452 and CVE-2026-8655 are in the way memory is managed in NetScaler ADC and NetScaler Gateway. This can lead to a denial-of-service (DoS) or unwanted control flow when the products are configured as Gateway, DNS proxy, recursive DNS resolver, or AAA virtual server. The vulnerability with CVE-2026-13474 arises from incorrect memory release. Malicious actors can exploit this vulnerability to cause a denial-of-service (DoS) via specially crafted HTTP/2 requests. The vulnerability with CVE-2026-10816 concerns an access control issue within the Management Interface. Unauthenticated malicious actors can exploit this vulnerability to read arbitrary files, potentially resulting in unauthorized disclosure of sensitive information. Researchers have shared Proof-of-Concept (PoC) code demonstrating the vulnerability with CVE-2026-8451.

CSIRTS triage

What
Insufficient input validation and improper memory management can lead to unauthorized information disclosure and denial-of-service.
Who is affected
Users of NetScaler ADC and NetScaler Gateway configured as SAML IDP or with TCP TimeStamp enabled.
Urgency
Remediation is urgent due to the potential for exploitation and critical nature of the vulnerabilities.
Action
Apply the necessary updates as specified in the advisory.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch NetScaler ADC and NetScaler Gateway

Get an email when a new NetScaler ADC and NetScaler Gateway advisory drops — max one per day, one-click unsubscribe.

Details

Source
NCSC-NL Advisories (NL · national-cert · site)
Severity
unknown
Published
2026-06-30
Exploitation
Not in CISA KEV at last sync
Language
Machine-translated to English — verify against the original

Original advisory: https://advisories.ncsc.nl/advisory?id=NCSC-2026-0216

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2026-8451coverage & exploitation statusNVD · CVE.org
CVE-2026-10817coverage & exploitation statusNVD · CVE.org
CVE-2026-8452coverage & exploitation statusNVD · CVE.org
CVE-2026-8655coverage & exploitation statusNVD · CVE.org
CVE-2026-13474coverage & exploitation statusNVD · CVE.org
CVE-2026-10816coverage & exploitation statusNVD · CVE.org

Same CVEs, other sources

How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.

Recent advisories for Citrix Netscaler ADC

A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.

More from NCSC-NL Advisories