Citrix Urges Immediate Patching for Critical NetScaler Vulnerabilities
A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the appliance's memory
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the appliance's memory
Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application
The same APT hammered critical bugs in Citrix NetScaler (CVE-2025-5777) and the Cisco Identity Service Engine (CVE-2025-20337) in a sign of growing adversary interest in identity and access management systems.
Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released. [...]
NetScaler vendor issued a patch but otherwise, stony silence Multiple exploits are circulating for CVE-2025-5777, a critical bug in Citrix NetScaler ADC and NetScaler Gateway dubbed CitrixBleed 2, and security analysts are warning a "significant portion" of users still haven't patched.…
Over 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances exposed online are unpatched against a critical vulnerability believed to be actively exploited, allowing threat actors to bypass authentication by hijacking user sessions. [...]
Two emergency patches issued in two weeks Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed "CitrixBleed 2," the embattled networking device vendor today issued an emergency patch for yet another super-serious flaw in the same products — but not before criminals found and exploited it as a zero-day.…
Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild
Why are you even reading this story? Patch now! Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum, although there haven't been any reports of active exploitation. Yet.…
Citrix NetScaler ADC and Gateway Bugs Exploited in the WildIT infrastructure mainstays including Netscaler, Atlassain and VMWare on Tuesday released fixes for vulnerabilities including some allowing malicious takeover of appliances. NetScaler warned customers Tuesday of two zero day vulnerabilities that researchers say are being exploited in the wild.
Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild
A critical vulnerability tracked as CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August, security researchers announced. [...]
A recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign
Citrix warned customers to deploy security updates that address a critical Citrix Application Delivery Management (ADM) vulnerability that can let attackers reset admin passwords. [...]