CVE-2026-3055 Insufficient input validation leading to memory overread

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread...

PT-2026-28889

Уязвимость контроллера доставки приложений NetScaler ADC ранее Citrix ADC и системы контроля доступа к виртуальной среде NetScaler Gateway ранее Citrix Gateway связана с ошибками синхронизации при использовании общего ресурса. Эксплуатация уязвимости может позволить нарушителю, действующему...

PT-2026-28888

Уязвимость контроллера доставки приложений NetScaler ADC ранее Citrix ADC и системы контроля доступа к виртуальной среде NetScaler Gateway ранее Citrix Gateway связана с чтением за пределами допустимого диапазона в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно,...

EUVD-2025-25901

Malicious code in bioql PyPI...

PT-2025-34761

Name of the Vulnerable Software and Affected Versions Citrix NetScaler ADC and NetScaler Gateway versions prior to 14.1-47.48, 13.1-59.22, and 13.1-37.241-FIPS, and 12.1-55.330-FIPS Description Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that allows for remo...

Citrix NetScaler Memory Overflow Vulnerability

Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service...

Vulnerability fixed in Citrix NetScaler ADC and NetScaler Gateway

Citrix has fixed a vulnerability in NetScaler ADC and NetScaler Gateway. To be vulnerable, NetScaler must be configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server. Note that this is often default config. The vulnerability is in the way memory is managed in...

CVE-2025-5349

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway...

PT-2025-32: Authentication bypass in NetScaler ADC

The discovered vulnerability in NetScaler ADC allows an attacker to bypass the authentication proceduce. The affected products: NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-43.56 NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-58.32 NetScaler ADC 13.1-FIPS and NDcPP BEFORE...

Application firewall Logs are not logged locally in NetScaler

NetScaler appfw logs are being forwarded to the syslog server as expected. However, the logs are not being logged or displayed in the local /var/log/ns.log. Config: add audit syslogPolicy sysadv1 true sys1bind audit syslogGlobal -policyName sysadv1 -priority 100 -globalBindType APPFWGLOBA Before...

CVE-2024-5491

Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler...

Citrix Systems NetScaler ADC and Citrix Systems NetScaler Gateway Security Vulnerabilities

Citrix Systems NetScaler Gateway Citrix Systems Gateway and Citrix Systems NetScaler ADC are both products of Citrix Systems, Inc.Citrix Systems NetScaler Gateway is a secure remote access solution. The solution provides administrators with application-level and data-level controls to enable user...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller

CVE-2023-4966 An Exploitation script developed to exploit the...

The vulnerability of the microprogramming software used in access control systems for the NetScaler Gateway virtual environment and the Citrix NetScaler Application Delivery Controller lies in the improper name restrictions on the path to the restricted directory. This allows attackers to gain access to published applications and carry out attacks from the Citrix server to other resources within the attacked company’s internal network.

The vulnerability of the microprogramming software used in access control systems for the NetScaler Gateway virtual environment, as well as the microprogramming software used in the Citrix NetScaler Application Delivery Controller, exists due to an incorrect limitation on the path name to the...

CVE-2018-6808

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system...

CVE-2017-17382

Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a...

Citrix Systems NetScaler ADC and Gateway Information Disclosure Vulnerability (CNVD-2016-02416)

Citrix Systems NetScaler ADC is a suite of service and application delivery solutions and Citrix Access Gateway Enterprise Edition is a secure remote access solution. An information disclosure vulnerability exists in Citrix Systems NetScaler ADC and Gateway, which can be exploited by remote...

The vulnerabilities of the microprogramming software in the access control system for the virtual environment NetScaler Gateway and the NetScaler Application Delivery Controller allow a perpetrator to enhance their privileges.

The multiple vulnerabilities of the microprogramming software for access control systems in the NetScaler Gateway and the NetScaler Application Delivery Controller are related to code errors. Exploiting these vulnerabilities could allow a malicious actor to enhance their privileges by manipulatin...