CVE Catalog

CVE-2026-8451

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.53%

41th percentile — higher than 41% of all known CVEs

Summary

Insufficient input validation in NetScaler ADC and NetScaler Gateway leads to memory overread when the device is configured as a SAML IDP.

Risk Assessment

An attacker could exploit this vulnerability to read sensitive data from memory, potentially leading to information disclosure or further attack escalation within the organization's network.

Recommendation

Immediately update NetScaler ADC and NetScaler Gateway to the latest patched version and temporarily disable the SAML IDP feature if not essential.

Original NVD description (English source)

Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP

Vulnerability data from NVD (NIST) · CISA KEV · EPSS