netscaler
Safeguard articles tagged "netscaler" — guides, analysis, and best practices for software supply chain and application security.
8 articles
Citrix Bleed (CVE-2023-4966) Explained: Leaking Session Tokens Straight Past MFA
CVE-2023-4966, Citrix Bleed, let unauthenticated attackers read memory from NetScaler appliances and steal valid session tokens — hijacking sessions and bypassing multi-factor authentication.
Citrix NetScaler CVE-2026-3055: The SAML Memory-Overread CitrixBleed Echo of 2026
CVE-2026-3055 is an unauthenticated memory overread in NetScaler ADC/Gateway configured as a SAML IdP, CVSS 9.3, exploited since late March 2026 and drawing direct CitrixBleed comparisons. Full analysis.
Citrix Bleed 2 Implications: What CVE-2024-6235 Means for NetScaler Operators
CVE-2024-6235 was the followup to the original Citrix Bleed and exposed sensitive data from NetScaler ADC and Gateway appliances. The technical details and what changes.
CVE-2025-7775 in Citrix NetScaler: Patch Posture & SBOM Response
NetScaler ADC and Gateway memory overflow scored CVSS 9.2 and landed on CISA KEV with a 48-hour patch deadline. Here is the defender playbook.
Citrix Bleed 2: Analysis and Mitigation
CVE-2025-5777 revived the memory-leak pattern that broke NetScaler in 2023. Here is what the 2025 variant does, who is exploiting it, and how to respond.
CVE-2025-5777 (Citrix Bleed 2): NetScaler Memory Disclosure Deep Dive
A second Citrix Bleed leaks session tokens from NetScaler ADC and Gateway memory. We dissect the buffer over-read and the IR playbook.
Citrix NetScaler CVE-2025 Vulnerabilities: Another Year, Another Gateway Crisis
Citrix NetScaler started 2025 with multiple critical CVEs affecting ADC and Gateway products. We break down the technical details and the recurring pattern.
Citrix Bleed CVE-2023-4966: Session Token Theft That Bypassed Every Authentication Control
Citrix Bleed allowed attackers to steal session tokens from NetScaler ADC, bypassing MFA and all authentication controls. LockBit ransomware used it to devastating effect.