Netscaler application delivery controller

This hub aggregates every CVE we track for Netscaler application delivery controller, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Networking Infrastructureon-premnetwork device

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

HIGH13CRITICAL11MEDIUM5

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting Netscaler application delivery controller.

CVE-2026-3055Insufficient input validation leading to memory overreadKEV9.8Mar 23, 2026
CVE-2025-12101Cross-Site Scripting (XSS)8.8Nov 11, 2025
CVE-2025-7776Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service9.8Aug 26, 2025
CVE-2025-7775Memory overflow vulnerability leading to Remote Code Execution and/or Denial of ServiceKEV9.8Aug 26, 2025
CVE-2025-6543Memory overflow vulnerability leading to unintended control flow and Denial of ServiceKEV9.8Jun 25, 2025
CVE-2025-5349NetScaler ADC and NetScaler Gateway - Improper access control on the NetScaler Management Interface8.8Jun 17, 2025
CVE-2025-5777NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overreadKEV7.5Jun 17, 2025
CVE-2024-8535Authenticated user can access unintended user capabilities8.1Nov 12, 2024
CVE-2024-8534Memory safety vulnerability leading to memory corruption and Denial of Service8.1Nov 12, 2024
CVE-2024-5492Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites6.1Jul 10, 2024
CVE-2024-5491Denial of Service7.5Jul 10, 2024
CVE-2023-6549Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory ReadKEV8.2Jan 17, 2024
CVE-2023-6548Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authen...KEV5.5Jan 17, 2024
CVE-2023-4967Denial of service8.2Oct 27, 2023
CVE-2023-4966Unauthenticated sensitive information disclosureKEV9.4Oct 10, 2023

Product normalization is registry-driven with AI assist and human review. How it works