Known Vulnerabilities for products from Citrix
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Citrix".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Citrix can be found at device.report : Citrix
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-13474 json | Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profil... | Not Provided | 2026-06-30 | 2026-07-02 |
| CVE-2026-10817 json | Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is ena... | Not Provided | 2026-06-30 | 2026-07-02 |
| CVE-2026-10816 json | Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or... | Not Provided | 2026-06-30 | 2026-07-02 |
| CVE-2026-8655 json | Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behav... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-8452 json | Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-8451 json | Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetSca... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-3055 json | Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory over... | Not Provided | 2026-03-23 | 2026-03-31 |
| CVE-2025-66391 json | Not Provided | 2026-06-17 | 2026-06-17 | |
| CVE-2025-1223 json | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Se... | Not Provided | 2025-02-20 | 2026-04-29 |
| CVE-2025-1222 json | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Sec... | Not Provided | 2025-02-20 | 2026-04-29 |
| CVE-2023-31026 json | NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-po... | 5.5 - MEDIUM | 2023-11-02 | 2023-11-13 |
| CVE-2023-31022 json | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer deref... | 5.5 - MEDIUM | 2023-11-02 | 2023-11-13 |
| CVE-2023-31021 json | NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicio... | 5.5 - MEDIUM | 2023-11-02 | 2023-11-13 |
| CVE-2023-31018 json | NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user... | 5.5 - MEDIUM | 2023-11-02 | 2023-11-13 |
| CVE-2023-25517 json | NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to cont... | 7.1 - HIGH | 2023-07-04 | 2023-07-12 |
| CVE-2023-24492 json | A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attac... | 8.8 - HIGH | 2023-07-11 | 2023-07-20 |
| CVE-2023-24491 json | A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an at... | 7.8 - HIGH | 2023-07-11 | 2023-07-19 |
| CVE-2023-24490 json | Users with only access to launch VDA applications can launch an unauthorized desktop | 4.3 - MEDIUM | 2023-07-10 | 2023-07-18 |
| CVE-2023-24489 json | A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could al... | 9.8 - CRITICAL | 2023-07-10 | 2023-07-18 |
| CVE-2023-24488 json | Cross site scripting vulnerability in Citrix ADC and Citrix Gateway in allows and attacker to perform cross site scripti... | 6.1 - MEDIUM | 2023-07-10 | 2023-11-07 |
Known software with vulnerabilities from Citrix
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Citrix | 4000-wo | - |
| Hardware | Citrix | 4100-wo | - |
| Hardware | Citrix | 5000-wo | - |
| Hardware | Citrix | 5100-wo | - |
| Application | Citrix | Access Client For Metaframe | 4.0.0 |
| Application | Citrix | Access Essentials | - |
| Application | Citrix | Access Gateway | - |
| Application | Citrix | Access Gateway Plug-in | 10.0 |
| Application | Citrix | Access Management Console | 5.0 |
| Application | Citrix | Access Management Console Diagnostics | 4.5.1.0 |
| Application | Citrix | Access Management Console Framework | 4.5.2.0 |
| Application | Citrix | Access Management Console Knowledge Base | 4.5.0.0 |
| Application | Citrix | Access Management Console Legacy Tools | 4.5.0.0 |
| Application | Citrix | Access Management Console Report Center | 4.5.0.0 |
| Application | Citrix | Access Management Console Web Interface | 4.5.0.0 |
| Application | Citrix | Appdna | 7.18 |
| Hardware | Citrix | Application Delivery Controller | - |
| Operating System | Citrix | Application Delivery Controller Firmware | 10.5 |
| Application | Citrix | Application Delivery Management | 12.1 |
| Hardware | Citrix | Application Gateway | 6.0 |