Dark Reading ·EN Restricted Exploited in the wildNetScaler Application Delivery ControllerNetScaler Gateway
CitrixBleed-ing Again? NetScaler Vulnerability Under Attack
CVE Tools coverage
Citrix disclosed CVE-2026-8451, a memory overread issue in NetScaler ADC and NetScaler Gateway devices configured as a SAML identity provider (IDP), with a CVSS score of 8.8. Researchers and security vendors report that threat actors are actively scanning for and using a proof-of-concept-style exploit, potentially leaking sensitive information and enabling further compromise (including privilege escalation and lateral movement). Organizations using affected NetScaler systems should prioritize applying the fixed versions and reviewing SAML IDP activity for suspicious events.