CVE-2026-8452EXPLOITEDPATCHED

citrix · adc

Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service

Description

A vulnerability has been found in Citrix NetScaler ADC and NetScaler Gateway classified as problematic. The affected element is an unknown function of the component Virtual Server Page. Performing a manipulation results in denial of service. This vulnerability was named CVE-2026-8452. The attack may be initiated remotely.

Affected Products

Vendor	Product	Versions
citrix	adc	14.1, 13.1, 14.1 FIPS, 13.1 FIPS and NDcPP, 14.1, 13.1

References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604

Related News (2 articles)

Tier B

CCCS Canada3h ago

Citrix security advisory (AV26-645)

→ No new info (linked only)

Tier C

VulDB5h ago

CVE-2026-8452 | Citrix NetScaler ADC/NetScaler Gateway Virtual Server Page denial of service (CTX696604)

→ No new info (linked only)

CVSS 3.17.5 HIGH

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

72.6163.1837.272

CWECWE-119

PublishedJun 30, 2026

Last enriched5h agov2

Trending Score67

Source articles2

Independent2

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-8451EXP

Insufficient input validation leading to memory overread

Trending: 80

HIGHCVE-2026-13474EXP

Denial of service via malformed HTTP/2 requests

Trending: 67

HIGHCVE-2026-8655

Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service

Trending: 48

HIGHCVE-2026-10817

Insufficient input validation leading to memory overread

Trending: 48

CRITICALCVE-2026-10816

Arbitrary File Read (Unauthenticated)

Trending: 41

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 30, 2026

Discovered by ZDM

Jun 30, 2026

Actively Exploited

Jun 30, 2026

Patch Available

Jun 30, 2026

Updated: description, severity, cvssEstimate, activelyExploited

Jun 30, 2026

Version History

Last enriched 5h ago

v2Tier C5h ago

Updated description with new technical details, changed severity to HIGH, estimated CVSS score to 7.5, and noted that the exploit is not available but the vulnerability is actively exploited.

descriptionseveritycvssEstimateactivelyExploited

via VulDB

v18h ago

Initial creation