securityonline.info 7/2/2026, 5:51:20 PM · external

Citrix NetScaler CVE-2026-8451 exploited, patch now urged

Citrix NetScaler CVE-2026-8451 exploited, patch now urged
Developing story vulnerability 4 articles tracked
Citrix patches multiple NetScaler ADC and Gateway vulnerabilities
CyberSIXT Evidence Panel
Primary Source support.citrix.com
CVE Intel
CISA KEV Not in KEV
Patch Patch Available

A critical vulnerability (CVE-2026-8451) in Citrix NetScaler is being actively exploited, allowing attackers to perform pre-authentication memory overreads on appliances configured as SAML identity providers. This flaw poses serious risks as it can grant attackers access before user login. Technical details and proof-of-concept code were released, facilitating exploitation within 24 hours. Affected versions include NetScaler ADC and Gateway 14.1 prior to 14.1-72.61 and 13.1 prior to 13.1-63.18.

Citrix has provided patched versions, urging organizations to update immediately due to ongoing attacks. Incident reports indicate active exploitation attempts.

View Primary Source Via securityonline.info

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline