Memory Overflow Vulnerabilities in NetScaler Products by Citrix
CVE-2026-8655

8.8HIGH

Key Information:

Vendor: Netscaler
Status: Adc; Gateway
Vendor: CVE Published:; 30 June 2026

What is CVE-2026-8655?

Multiple memory overflow vulnerabilities exist in Citrix's NetScaler ADC and NetScaler Gateway. These vulnerabilities can lead to unpredictable behavior or Denial of Service when the NetScaler ADC is configured as a load balancer for Oracle, as a DNS Proxy, or as a DNS recursive resolver. Upon exploitation, these flaws can disrupt services and compromise system stability, highlighting the need for immediate attention in affected configurations.

Affected Version(s)

ADC 14.1 < 72.61

ADC 13.1 < 63.18

ADC 14.1 FIPS < 72.61

References

https://support.citrix.com/support-home/kbsearch/article?...

CVSS V4

Score:

8.8

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2026
Vulnerability Reserved
May 15, 2026

CVE-2026-8655 Data

JSON

Netscaler

What is CVE-2026-8655?

Affected Version(s)

References

CVSS V4

Timeline