CVE Tools
Back to feed
Dark Reading ·EN Restricted Exploited in the wildNetScaler Application Delivery ControllerNetScaler Gateway

CitrixBleed-ing Again? NetScaler Vulnerability Under Attack

By Rob Wright··3 min read
CVE Tools coverage

Citrix disclosed CVE-2026-8451, a memory overread issue in NetScaler ADC and NetScaler Gateway devices configured as a SAML identity provider (IDP), with a CVSS score of 8.8. Researchers and security vendors report that threat actors are actively scanning for and using a proof-of-concept-style exploit, potentially leaking sensitive information and enabling further compromise (including privilege escalation and lateral movement). Organizations using affected NetScaler systems should prioritize applying the fixed versions and reviewing SAML IDP activity for suspicious events.