Zero Day MonitorZDM

← Back to list

7.5

CVE-2026-8655PATCHED

citrix · adc

Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service

Description

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment

Affected Products

Vendor	Product	Versions
citrix	adc	14.1, 13.1, 14.1 FIPS, 13.1 FIPS and NDcPP, 14.1, 13.1

References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604

Related News (2 articles)

Tier B

CCCS Canada5h ago

Citrix security advisory (AV26-645)

→ No new info (linked only)

Tier C

VulDB7h ago

CVE-2026-8655 | Citrix NetScaler ADC/NetScaler Gateway prior 37.272/63.18/72.61 denial of service (CTX696604)

→ No new info (linked only)

CVSS 3.17.5 HIGH

CISA KEV❌ No

Actively exploited❌ No

Patch available

72.6163.1837.272

CWECWE-119

PublishedJun 30, 2026

Last enriched6h agov2

Tags

CVE-2026-8655

Trending Score48

Source articles2

Independent2

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-8451EXP

Insufficient input validation leading to memory overread

HIGHCVE-2026-8452EXP

Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service

HIGHCVE-2026-13474EXP

Denial of service via malformed HTTP/2 requests

HIGHCVE-2026-10817

Insufficient input validation leading to memory overread

CRITICALCVE-2026-10816

Arbitrary File Read (Unauthenticated)

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 30, 2026

Discovered by ZDM

Jun 30, 2026

Patch Available

Jun 30, 2026

Updated: severity, cvssEstimate, tags

Jun 30, 2026

Version History

v2

Last enriched 6h ago

v2Tier C6h ago

Updated severity to HIGH, added CVSS estimate of 7.5, and corrected exploit availability to false.

severitycvssEstimatetags

via VulDB

v19h ago

Initial creation