CVE-2026-8451

Summary

Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP

Affected Software

VendorProductVersion RangeStatus
NetScalerADC14.1 < 72.61affected
NetScalerADC13.1 < 63.18affected
NetScalerADC14.1 FIPs < 72.61affected
NetScalerADC13.1 FIPS and NDcPP < 37.272affected
NetScalerGateway14.1 < 72.61affected
NetScalerGateway13.1 < 63.18affected

Weaknesses

  • awe-125

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References