CVE-2026-8452

CRITICAL

Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-8452. PoCs published by derekpreston81.

AI-analyzed exploit summary This repository contains a Python script that scans NetScaler configuration files for preconditions related to multiple CVEs, including CVE-2026-8452. It does not exploit the vulnerabilities but detects configurations that may be vulnerable.

Description

Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server

Exploits (1)

github SCANNER 1 stars
by derekpreston81 · pythonpoc
https://github.com/derekpreston81/CVE_ADC_IOC_2026

This repository contains a Python script that scans NetScaler configuration files for preconditions related to multiple CVEs, including CVE-2026-8452. It does not exploit the vulnerabilities but detects configurations that may be vulnerable.

Classification
Scanner 100%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: NetScaler ADC
No auth needed
Prerequisites: access to NetScaler configuration file or SSH credentials
mistral-large-3 · analyzed Jul 01, 2026 Full analysis →

Scores

CVSS v3 9.8
EPSS 0.0049
EPSS Percentile 38.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-119
Status published
Products (10)
citrix/netscaler_application_delivery_controller 14.1-66.68
citrix/netscaler_application_delivery_controller < 13.1-37.272 (2 CPE variants)
citrix/netscaler_application_delivery_controller 13.1 - 13.1-63.18
citrix/netscaler_gateway 13.1 - 13.1-63.18
NetScaler/ADC 13.1 - 63.18
NetScaler/ADC 13.1 FIPS and NDcPP - 37.272
NetScaler/ADC 14.1 - 72.61
NetScaler/ADC 14.1 FIPS - 72.61
NetScaler/Gateway 13.1 - 63.18
NetScaler/Gateway 14.1 - 72.61
Published Jun 30, 2026
Tracked Since Jun 30, 2026