logo

CVE-2026-8451 Adds a New NetScaler Memory Overread to the CitrixBleed Pattern

ID: fe06f0e5-2690-560a-b4e5-51cc54c8856d

STIX ID: report--fe06f0e5-2690-560a-b4e5-51cc54c8856d

Feed Name: SOCRadar Blog

Threat Score
72/100

Date Published: 2026-07-01

Date Updated: 2026-07-02

Author: ameer

...
...

CVE-2026-8451 is a high-severity (CVSS 8.8) memory overread in Citrix NetScaler ADC/Gateway that can disclose process memory when the appliance is configured as a SAML Identity Provider and processes malformed SAML authentication requests at /saml/login; affected 13.1 and 14.1 builds have fixed updates available and defenders should prioritize patching internet-facing SAML IdP instances and validate exposure using ASM/CTI and available detection tooling.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.