Citrix Netscaler Application Delivery Controller — known CVE vulnerabilities
Every CVE whose affected-product data names Citrix Netscaler Application Delivery Controller, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (30)
CVE-2014-2882 — CVSS 10.0 (critical): Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before…
CVE-2014-2881 — CVSS 10.0 (critical): Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler…
CVE-2026-8452 — CVSS 9.8 (critical): Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if…
CVE-2025-7776 — CVSS 9.8 (critical): Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway…
CVE-2026-8655 — CVSS 9.8 (critical): Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial…
CVE-2023-4967 — CVSS 8.2 (high): Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or…
CVE-2024-8535 — CVSS 8.1 (high): Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a…
CVE-2024-8534 — CVSS 8.1 (high): Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be…
CVE-2013-6011 — CVSS 7.8 (high): Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service…
CVE-2026-13474 — CVSS 7.5 (high): Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated…
CVE-2026-8451 — CVSS 7.5 (high): Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is…
CVE-2018-5314 — CVSS 7.5 (high): Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0…
CVE-2026-10816 — CVSS 7.5 (high): Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with…
CVE-2026-10817 — CVSS 7.5 (high): Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP…
CVE-2024-5492 — CVSS 6.1 (medium): Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler…
CVE-2015-3642 — CVSS 5.9 (medium): The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with…