CVE-2026-8655

CRITICAL

Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-8655. PoCs published by HermesNA-1, derekpreston81.

AI-analyzed exploit summary This repository contains an auto-generated stub module for CVE-2026-8655, a memory overflow vulnerability in NetScaler ADC and NetScaler Gateway. The code includes placeholder methods (`check` and `run`) but lacks actual exploit logic, referencing only a Citrix KB article for details.

Description

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment

Exploits (2)

github STUB 1 stars
by HermesNA-1 · pythonpoc
https://github.com/HermesNA-1/SnakeSploit/tree/main/data/modules_generated/cve-2026-8655_multiple_memory_overflow.py

This repository contains an auto-generated stub module for CVE-2026-8655, a memory overflow vulnerability in NetScaler ADC and NetScaler Gateway. The code includes placeholder methods (`check` and `run`) but lacks actual exploit logic, referencing only a Citrix KB article for details.

Classification
Stub 98%
Attack Type
Dos
Complexity
Moderate
Reliability
Theoretical
Target: NetScaler ADC and NetScaler Gateway (specific versions not specified)
No auth needed
Prerequisites: NetScaler ADC configured as an Oracle-type load balancer (LB) · Network access to the target on the specified port (default: 80/443)
mistral-large-3 · analyzed Jul 09, 2026 Full analysis →
github SCANNER 1 stars
by derekpreston81 · pythonpoc
https://github.com/derekpreston81/CVE_ADC_IOC_2026

This repository contains a Python script that scans NetScaler configuration files for preconditions of specific CVEs, including CVE-2026-8655. It does not exploit the vulnerabilities but checks for configurations that may indicate vulnerability.

Classification
Scanner 100%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: NetScaler ADC
No auth needed
Prerequisites: access to NetScaler configuration file or SSH credentials
mistral-large-3 · analyzed Jul 01, 2026 Full analysis →

Scores

CVSS v3 9.8
EPSS 0.0046
EPSS Percentile 36.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-119
Status published
Products (10)
citrix/netscaler_application_delivery_controller 14.1-66.68
citrix/netscaler_application_delivery_controller < 13.1-37.272 (2 CPE variants)
citrix/netscaler_application_delivery_controller 13.1 - 13.1-63.18
citrix/netscaler_gateway 13.1 - 13.1-63.18
NetScaler/ADC 13.1 - 63.18
NetScaler/ADC 13.1 FIPS and NDcPP - 37.272
NetScaler/ADC 14.1 - 72.61
NetScaler/ADC 14.1 FIPS - 72.61
NetScaler/Gateway 13.1 - 63.18
NetScaler/Gateway 14.1 - 72.61
Published Jun 30, 2026
Tracked Since Jun 30, 2026