Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

#50a63c94-1ea7-4568-8c11-eb79e7c5a2b5

Security Advisories

Reported CVEsVendorsProductsReports
8Vulnerabilities found

CVE-2026-13474
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
ShareView Details
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CVSS Score-8.7||HIGH
EPSS-0.44% / 35.33%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 13:03
Updated-02 Jul, 2026 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service via malformed HTTP/2 requests

Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)NetScaler (Cloud Software Group, Inc.)
Product-netscaler_gatewaynetscaler_application_delivery_controllerADCGateway
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2026-10817
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
ShareView Details
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CVSS Score-6.9||MEDIUM
EPSS-0.41% / 32.93%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 12:58
Updated-02 Jul, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient input validation leading to memory overread

Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)NetScaler (Cloud Software Group, Inc.)
Product-netscaler_gatewaynetscaler_application_delivery_controllerADCGateway
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-10816
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
ShareView Details
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CVSS Score-7.1||HIGH
EPSS-0.41% / 33.33%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 12:52
Updated-02 Jul, 2026 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary File Read (Unauthenticated)

Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)NetScaler (Cloud Software Group, Inc.)
Product-netscaler_gatewaynetscaler_application_delivery_controllerADCGateway
CWE ID-CWE-610
Externally Controlled Reference to a Resource in Another Sphere
CWE ID-CWE-73
External Control of File Name or Path
CVE-2026-8655
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
ShareView Details
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CVSS Score-8.8||HIGH
EPSS-0.46% / 36.66%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 12:46
Updated-01 Jul, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)NetScaler (Cloud Software Group, Inc.)
Product-netscaler_gatewaynetscaler_application_delivery_controllerADCGateway
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2026-8452
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
ShareView Details
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CVSS Score-8.8||HIGH
EPSS-0.49% / 38.35%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 12:41
Updated-01 Jul, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service

Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)NetScaler (Cloud Software Group, Inc.)
Product-netscaler_gatewaynetscaler_application_delivery_controllerADCGateway
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2026-8451
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
ShareView Details
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CVSS Score-8.8||HIGH
EPSS-0.50% / 39.25%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 12:33
Updated-01 Jul, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient input validation leading to memory overread

Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)NetScaler (Cloud Software Group, Inc.)
Product-netscaler_gatewaynetscaler_application_delivery_controllerADCGateway
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-3055
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
ShareView Details
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CVSS Score-9.3||CRITICAL
EPSS-84.00% / 99.66%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 20:21
Updated-31 Mar, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2026-04-02||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Insufficient input validation leading to memory overread

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)NetScaler (Cloud Software Group, Inc.)
Product-netscaler_gatewaynetscaler_application_delivery_controllerADCGatewayNetScaler
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-4368
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
ShareView Details
Assigner-50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CVSS Score-7.7||HIGH
EPSS-3.62% / 88.11%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 20:09
Updated-10 May, 2026 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Race Condition leading to User Session Mixup

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup

Action-Not Available
Vendor-NetScaler (Cloud Software Group, Inc.)
Product-GatewayADC
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')