
Citrix NetScaler ADC and Gateway: CVE-2026-8451 and HTTP/2 DoS Vulnerabilities

Citrix has patched six vulnerabilities in NetScaler ADC and NetScaler Gateway, most notably CVE-2026-8451 (CVSS 8.8). This high-severity flaw stems from insufficient input validation, enabling unauthorized arbitrary file reads and sensitive information disclosure, mirroring the technical patterns of the "CitrixBleed" exploit. Additionally, the update remediates an "HTTP/2 Bomb" vulnerability that facilitates Denial-of-Service (DoS) attacks via resource exhaustion, analogous to the HTTP/2 Rapid Reset vector. These vulnerabilities allow attackers to compromise perimeter security by exfiltrating memory contents or disrupting service availability. Immediate firmware updates are required to mitigate these risks.

