Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Citrix NetScaler ADC and Gateway SAML IDP Memory Overread Vulnerability

Vulnerability

A vulnerability exists in Citrix NetScaler ADC and NetScaler Gateway appliances that are configured as a SAML Identity Provider (IdP). The flaw is caused by insufficient input validation, which can lead to a memory overread (out-of-bounds read) condition.

Impact

Exploitation of this vulnerability triggers a memory overread, which can return the contents of adjacent process memory to the attacker and therefore result in information disclosure.

Remediation

Affected customers are advised to upgrade to NetScaler ADC and NetScaler Gateway 14.1-66.59 or later, or 13.1-62.23 or later. Customers running NetScaler ADC 13.1-FIPS or 13.1-NDcPP should upgrade to 13.1-37.262 or later. Note that the FIPS/NDcPP fix carries a lower build number than the mainline 13.1 fix, so the build must be compared against the fixed build of the train the appliance actually runs.
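To check whether an appliance falls inside the affected range, the fixed builds above can be turned into a small triage script. The following Python is an added example, not part of this advisory or of Citrix's own tooling: it parses the version line printed by the NetScaler CLI command `show ns version` and the profile listing printed by `show authentication samlIdPProfile`, and reports an appliance as exposed only when its build is below the fixed build for its release train and at least one SAML IdP profile exists (the advisory scopes the bug to appliances configured as a SAML IdP). The exact layout of both command outputs, the `fips_or_ndcpp` flag (the operator must state which 13.1 train the appliance runs, because the FIPS/NDcPP fix build 37.262 is numerically lower than the mainline fix build 62.23 and cannot be told apart by number alone), and all sample outputs are constructed assumptions.

```python
import re
from typing import NamedTuple, Optional

# Fixed builds, as listed in the advisory. Keyed by (release, train); the build
# is stored as (major, minor). Releases the advisory does not mention are
# deliberately absent so they are reported as "unknown_release".
FIXED_BUILDS = {
    ("14.1", "main"): (66, 59),
    ("13.1", "main"): (62, 23),
    ("13.1", "fips_ndcpp"): (37, 262),
}

# Assumed layout of the `show ns version` line, e.g.
# "NetScaler NS13.1: Build 62.23.nc, Date: ...". Trailing fields are ignored.
_VERSION_RE = re.compile(
    r"NetScaler NS(?P<release>\d+\.\d+): Build (?P<major>\d+)\.(?P<minor>\d+)"
)
# Assumed layout of `show authentication samlIdPProfile`: one "N)  Name: <x>"
# line per configured profile, and only "Done" when none exist.
_IDP_PROFILE_RE = re.compile(r"^\s*\d+\)\s*Name:\s*(\S+)", re.MULTILINE)


class Version(NamedTuple):
    release: str  # e.g. "13.1"
    major: int    # e.g. 62
    minor: int    # e.g. 23

    def __str__(self) -> str:
        return f"{self.release}-{self.major}.{self.minor}"


def parse_ns_version(output: str) -> Optional[Version]:
    """Extract release and build from `show ns version` output, or None."""
    m = _VERSION_RE.search(output)
    if m is None:
        return None
    return Version(m["release"], int(m["major"]), int(m["minor"]))


def build_status(version: Version, fips_or_ndcpp: bool = False) -> str:
    """Return 'patched', 'vulnerable' or 'unknown_release' for the given build.

    The caller must say which train a 13.1 appliance runs: the FIPS/NDcPP fix
    (37.262) has a lower build number than the mainline fix (62.23), so a
    numeric comparison against the wrong train gives the wrong answer.
    """
    train = "fips_ndcpp" if fips_or_ndcpp else "main"
    fixed = FIXED_BUILDS.get((version.release, train))
    if fixed is None:
        return "unknown_release"
    return "patched" if (version.major, version.minor) >= fixed else "vulnerable"


def saml_idp_profiles(output: str) -> list:
    """Names of the SAML IdP profiles present in the CLI listing."""
    return _IDP_PROFILE_RE.findall(output)


def triage(version_output: str, samlidp_output: str, fips_or_ndcpp: bool = False) -> dict:
    """Combine build status and SAML IdP configuration into one verdict."""
    version = parse_ns_version(version_output)
    if version is None:
        raise ValueError("no 'NetScaler NS<release>: Build <major>.<minor>' line found")
    status = build_status(version, fips_or_ndcpp)
    profiles = saml_idp_profiles(samlidp_output)
    return {
        "version": str(version),
        "build": status,
        "saml_idp_profiles": profiles,
        # Exposure needs a not-known-fixed build AND at least one IdP profile.
        # "unknown_release" counts as not fixed: the advisory lists no fix for it.
        "exposed": status != "patched" and bool(profiles),
    }


# Constructed sample outputs (not captured from a real appliance).
SAMPLE_VULNERABLE_MAIN = (
    "        NetScaler NS13.1: Build 58.32.nc, Date: Jan 9 2026, 12:00:00   (64-bit)\n"
    "        Done\n"
)
SAMPLE_PATCHED_FIPS = (
    "        NetScaler NS13.1: Build 37.262.nc, Date: Mar 1 2026, 12:00:00   (64-bit)\n"
    "        Done\n"
)
SAMPLE_SAML_IDP = "1)\tName: idp_prof_1\n\tSAML SP Metadata URL: https://sp.example.test/metadata\n Done\n"
SAMPLE_NO_SAML_IDP = " Done\n"

if __name__ == "__main__":
    print(triage(SAMPLE_VULNERABLE_MAIN, SAMPLE_SAML_IDP))
    # Same 13.1 build 37.262, first read as mainline (wrongly "vulnerable"),
    # then as the FIPS/NDcPP train it actually is ("patched").
    print(triage(SAMPLE_PATCHED_FIPS, SAMPLE_SAML_IDP))
    print(triage(SAMPLE_PATCHED_FIPS, SAMPLE_SAML_IDP, fips_or_ndcpp=True))
```

Releases the advisory lists no fix for (anything other than 13.1 and 14.1) come back as unknown_release and are treated as not fixed. The script only sees configuration, not whether an IdP profile is bound to a reachable virtual server, so a positive result means "review and patch", not "confirmed exploitable".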

Added: Mar 23, 2026, 9:30 PM
Updated: Mar 30, 2026, 7:48 PM

Vulnerability Rating

Custom Algorithm
Category         Score
spread           5.2
impact           0.6
exploitability   9.3
remediation      8.3
relevance        4.6
threat           9.8
urgency          2.9
incentive        4.2

Our algorithm analyzes dozens of metrics to generate these eight vulnerability categories (scored 0 to 10), which are then combined to calculate the overall risk score.