Vulnerability intelligence
CVE-2026-4368
Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup
CVSS Score
7.7
High
EPSS — Exploit Probability
3.6%
Riskier than 88% of all CVEs
Exploitation
Not in CISA KEV
No federal exploitation record
Remediation
unknown
Check vendor advisories
1 article across 1 outlet · first covered Mar 31, 2026 · latest Mar 31, 2026
Tracked incidents
Coverage timeline
-
U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalogsecurityaffairs.com · Mar 31, 2026