Description
Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP
Published: 2026-06-30
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from insufficient input validation in NetScaler ADC and NetScaler Gateway when the devices are configured as a SAML identity provider, causing a memory overread (CWE-125). The overread can expose sensitive data or corrupt memory, potentially leading to information disclosure or system instability.

Affected Systems

NetScaler ADC and NetScaler Gateway appliances from Citrix are affected. The issue is present whenever the devices are set up as a SAML IDP; no specific version numbers are disclosed, so any deployment with that configuration may be vulnerable.

Risk and Exploitability

A CVSS 4.0 base score of 8.8 classifies this as high severity. EPSS data is not available and the vulnerability is not listed in CISA KEV, so no public exploitation is known at the time of writing. The CVSS vector (AV:N/AC:L/AT:N/PR:N/UI:N) indicates a remote, low-complexity attack requiring neither privileges nor user interaction; an attacker would send crafted input in SAML requests to trigger the memory overread.

Generated by OpenCVE AI on June 30, 2026 at 17:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the vendor-published fix described in the Citrix support article (https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604).
  • If the patch cannot be applied immediately, disable or remove the SAML IDP configuration on NetScaler ADC or NetScaler Gateway to eliminate the vulnerable code path.
  • Review SAML request handling to ensure proper bounds checking, input validation, and correct memory deallocation to mitigate both out-of-bounds reads and improper free of memory.

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 16:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-788

Tue, 30 Jun 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-788

Tue, 30 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-125
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 30 Jun 2026 13:15:00 +0000

Type Values Removed Values Added
Description Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP
Title Insufficient input validation leading to memory overread
References
Metrics cvssV4_0

{'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: NetScaler

Published:

Updated: 2026-06-30T13:43:41.903Z

Reserved: 2026-05-13T00:35:53.452Z

Link: CVE-2026-8451

Vulnrichment

Updated: 2026-06-30T13:43:06.460Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-30T16:30:16Z

Weaknesses