Tag

CVE-2026-8451

All articles tagged with #cve 2026 8451

CitrixBleed Deepens: NetScaler Memory-Overread CVE-2026-8451 Exposed
security, 3 hours ago

Security researchers reveal CVE-2026-8451, a memory overread in Citrix NetScaler appliances (ADC/Gateway) triggered when configured as a SAML IdP. A lax XML attribute parser can overread input, leaking data such as IDs and assertion URLs via the NSC_TASS cookie and potentially exposing memory contents. Citrix has issued patches after extensive analysis and demonstrations by watchTowr, highlighting ongoing memory-management weaknesses in NetScaler devices.