{"api_version":"1","generated_at":"2026-07-01T17:14:50+00:00","cve":"CVE-2026-10817","urls":{"html":"https://cve.report/CVE-2026-10817","api":"https://cve.report/api/cve/CVE-2026-10817.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-10817","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-10817"},"summary":{"title":"Insufficient input validation leading to memory overread","description":"Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler","state":"PUBLISHED","assigner":"NetScaler","published_at":"2026-06-30 13:17:04","updated_at":"2026-06-30 14:19:23"},"problem_types":["CWE-125","CWE-125 CWE-125 Out-of-bounds read"],"metrics":[{"version":"4.0","source":"50a63c94-1ea7-4568-8c11-eb79e7c5a2b5","type":"Secondary","score":"6.9","severity":"MEDIUM","vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","data":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}},{"version":"4.0","source":"CNA","type":"CVSS","score":"6.9","severity":"MEDIUM","vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","data":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":6.9,"baseSeverity":"MEDIUM","exploitMaturity":"NOT_DEFINED","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"}}],"references":[{"url":"https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604","name":"https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604","refsource":"50a63c94-1ea7-4568-8c11-eb79e7c5a2b5","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-10817","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-10817","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"NetScaler","product":"ADC","version":"affected 14.1 72.61 patch","platforms":[]},{"source":"CNA","vendor":"NetScaler","product":"ADC","version":"affected 13.1 63.18 patch","platforms":[]},{"source":"CNA","vendor":"NetScaler","product":"ADC","version":"affected 14.1 FIPS 72.61 patch","platforms":[]},{"source":"CNA","vendor":"NetScaler","product":"ADC","version":"affected 13.1 FIPS and NDcPP 37.272 patch","platforms":[]},{"source":"CNA","vendor":"NetScaler","product":"Gateway","version":"affected 14.1 72.61 patch","platforms":[]},{"source":"CNA","vendor":"NetScaler","product":"Gateway","version":"affected 13.1 63.18 patch","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-10817","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-06-30T13:28:08.900923Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-06-30T13:28:19.305Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"ADC","vendor":"NetScaler","versions":[{"lessThan":"72.61","status":"affected","version":"14.1","versionType":"patch"},{"lessThan":"63.18","status":"affected","version":"13.1","versionType":"patch"},{"lessThan":"72.61","status":"affected","version":"14.1 FIPS","versionType":"patch"},{"lessThan":"37.272","status":"affected","version":"13.1 FIPS and NDcPP","versionType":"patch"}]},{"defaultStatus":"unaffected","product":"Gateway","vendor":"NetScaler","versions":[{"lessThan":"72.61","status":"affected","version":"14.1","versionType":"patch"},{"lessThan":"63.18","status":"affected","version":"13.1","versionType":"patch"}]}],"datePublic":"2026-06-30T12:52:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<span>Insufficient input validation leading to memory overread in&nbsp;</span><span>NetScaler ADC and NetScaler Gateway if the&nbsp;</span><span>TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler</span><br>"}],"value":"Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler"}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":6.9,"baseSeverity":"MEDIUM","exploitMaturity":"NOT_DEFINED","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-125","description":"CWE-125 Out-of-bounds read","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-30T12:58:38.850Z","orgId":"50a63c94-1ea7-4568-8c11-eb79e7c5a2b5","shortName":"NetScaler"},"references":[{"url":"https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"}],"source":{"discovery":"UNKNOWN"},"title":"Insufficient input validation leading to memory overread","x_generator":{"engine":"Vulnogram 1.0.2"}}},"cveMetadata":{"assignerOrgId":"50a63c94-1ea7-4568-8c11-eb79e7c5a2b5","assignerShortName":"NetScaler","cveId":"CVE-2026-10817","datePublished":"2026-06-30T12:58:38.850Z","dateReserved":"2026-06-04T05:49:25.173Z","dateUpdated":"2026-06-30T13:28:19.305Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-30 13:17:04","lastModifiedDate":"2026-06-30 14:19:23","problem_types":["CWE-125","CWE-125 CWE-125 Out-of-bounds read"],"metrics":{"cvssMetricV40":[{"source":"50a63c94-1ea7-4568-8c11-eb79e7c5a2b5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-30T13:28:08.900923Z","id":"CVE-2026-10817","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"10817","Ordinal":"1","Title":"Insufficient input validation leading to memory overread","CVE":"CVE-2026-10817","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"10817","Ordinal":"1","NoteData":"Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler","Type":"Description","Title":"Insufficient input validation leading to memory overread"}]}}}