<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-01T20:41:44.514715+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bee5e5a5-bc27-48b8-8d2f-4be9886b1854/export</id>
    <title>bee5e5a5-bc27-48b8-8d2f-4be9886b1854</title>
    <updated>2026-07-01T20:41:44.535946+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bee5e5a5-bc27-48b8-8d2f-4be9886b1854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116845190558867458", "content": "A lot of offensive activities were identified targeting Citrix NetScaler ADC and NetScaler Gateway (CVE-2026-8451) https://vuldb.com/vuln/374866/cti", "creation_timestamp": "2026-07-01T14:28:36.125577Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bee5e5a5-bc27-48b8-8d2f-4be9886b1854/export"/>
    <published>2026-07-01T14:28:36.125577+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/63f13518-05a2-4058-aeec-ebe508c9e016/export</id>
    <title>63f13518-05a2-4058-aeec-ebe508c9e016</title>
    <updated>2026-07-01T20:41:44.538983+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "63f13518-05a2-4058-aeec-ebe508c9e016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-citrix-10", "content": "", "creation_timestamp": "2026-07-01T13:45:06.812694Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/63f13518-05a2-4058-aeec-ebe508c9e016/export"/>
    <published>2026-07-01T13:45:06.812694+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a067f862-8c55-4cc0-bf11-d3c4727f78a0/export</id>
    <title>a067f862-8c55-4cc0-bf11-d3c4727f78a0</title>
    <updated>2026-07-01T20:41:44.540351+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a067f862-8c55-4cc0-bf11-d3c4727f78a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mpll4nsdet23", "content": "\ud83d\udd17 CVE : CVE-2026-10816, CVE-2026-10817, CVE-2026-13474, CVE-2026-8451, CVE-2026-8452, CVE-2026-8655", "creation_timestamp": "2026-07-01T13:00:06.564831Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a067f862-8c55-4cc0-bf11-d3c4727f78a0/export"/>
    <published>2026-07-01T13:00:06.564831+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ef78be22-aeab-4623-9e06-fd18553dad02/export</id>
    <title>ef78be22-aeab-4623-9e06-fd18553dad02</title>
    <updated>2026-07-01T20:41:44.540482+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ef78be22-aeab-4623-9e06-fd18553dad02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mplhwnfofk2p", "content": "Citrix fixed six NetScaler flaws, including a pre-login memory leak (CVE-2026-8451) and an HTTP/2 Bomb denial of service.\n\nOne catch: the HTTP/2 fix does nothing until you enable HTTP Strict Profiles.\n\nUpgrade to 14.1-72.61 / 13.1-63.18, then check the setting.", "creation_timestamp": "2026-07-01T12:03:04.581588Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ef78be22-aeab-4623-9e06-fd18553dad02/export"/>
    <published>2026-07-01T12:03:04.581588+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3b95fe79-c1cf-4773-8fa5-dd9e4bad3e20/export</id>
    <title>3b95fe79-c1cf-4773-8fa5-dd9e4bad3e20</title>
    <updated>2026-07-01T20:41:44.540598+00:00</updated>
    <author>
      <name>Alexandre Dulaunoy</name>
      <uri>https://cvepremium.circl.lu/user/adulau</uri>
    </author>
    <content>{"uuid": "3b95fe79-c1cf-4773-8fa5-dd9e4bad3e20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/ecf78090-6993-45d3-aa99-c6de905a5e7a", "content": "", "creation_timestamp": "2026-07-01T07:59:26.932836Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3b95fe79-c1cf-4773-8fa5-dd9e4bad3e20/export"/>
    <published>2026-07-01T07:59:26.932836+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/090a2f1e-542a-4763-a257-069e0aa7648e/export</id>
    <title>090a2f1e-542a-4763-a257-069e0aa7648e</title>
    <updated>2026-07-01T20:41:44.541876+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "090a2f1e-542a-4763-a257-069e0aa7648e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://thehackernews.com/2026/07/citrix-patches-six-netscaler-flaws.html", "content": "Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition.\n\nThe vulnerabilities are listed below -\n\n\n  CVE-2026-8451 (CVSS score: 8.8) - An insufficient input validation", "creation_timestamp": "2026-07-01T07:00:47.915018Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/090a2f1e-542a-4763-a257-069e0aa7648e/export"/>
    <published>2026-07-01T07:00:47.915018+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5b5b8fc5-5d2b-4e4b-8279-a3a07c876cbc/export</id>
    <title>5b5b8fc5-5d2b-4e4b-8279-a3a07c876cbc</title>
    <updated>2026-07-01T20:41:44.542018+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5b5b8fc5-5d2b-4e4b-8279-a3a07c876cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mpkmxmybse2l", "content": "Citrix patched six NetScaler flaws, including CVE-2026-8451, a high-severity memory disclosure bug linked to CitrixBleed-like issues in SAML auth parsing. #Citrix #NetScaler #CVE-2026-8451", "creation_timestamp": "2026-07-01T04:00:25.922189Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5b5b8fc5-5d2b-4e4b-8279-a3a07c876cbc/export"/>
    <published>2026-07-01T04:00:25.922189+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d8d80fda-33dd-4cd0-8648-1d98088f99a9/export</id>
    <title>d8d80fda-33dd-4cd0-8648-1d98088f99a9</title>
    <updated>2026-07-01T20:41:44.542130+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "d8d80fda-33dd-4cd0-8648-1d98088f99a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/citrix-security-advisory-av26-645", "content": "", "creation_timestamp": "2026-07-01T02:37:53.676894Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d8d80fda-33dd-4cd0-8648-1d98088f99a9/export"/>
    <published>2026-07-01T02:37:53.676894+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bd6a15c5-29bc-4bf5-9456-b2dc6b81ab88/export</id>
    <title>bd6a15c5-29bc-4bf5-9456-b2dc6b81ab88</title>
    <updated>2026-07-01T20:41:44.542235+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bd6a15c5-29bc-4bf5-9456-b2dc6b81ab88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0216", "content": "Citrix heeft kwetsbaarheden verholpen in NetScaler ADC en NetScaler Gateway die verband houden met onvoldoende invoervalidatie, onjuiste toegangscontrole en het onjuist vrijgeven van geheugen. De kwetsbaarheden met de kenmerken CVE-2026-8451 en CVE-2026-10817 ontstaan door onvoldoende invoervalidatie, waarbij de software invoergroottes en -grenzen niet correct controleert. Dit kan leiden tot geheugenoverlezingen, wat kan resulteren in ongeautoriseerde openbaarmaking van gevoelige informatie, wanneer de producten zijn geconfigureerd als SAML IDP, of als TCP TimeStamp is ingeschakeld bij een TCP-profiel dat is gekoppeld aan een virtuele server van het type: Load Balancing (LB), Content Switching (CS) of VPN.\n\nDe kwetsbaarheden met de kenmerken CVE-2026-8452 en CVE-2026-8655 bevinden zich in de manier waarop geheugen wordt beheerd in NetScaler ADC en NetScaler Gateway. Dit kan leiden tot een denial-of-service (DoS) of een ongewenste control flow wanneer de producten zijn geconfigureerd als Gateway, DNS-proxy, recursieve DNS-resolver of AAA-virtuele server.\n\nDe kwetsbaarheid met het kenmerk CVE-2026-13474 ontstaat door het onjuist vrijgeven van geheugen. Kwaadwillenden kunnen deze kwetsbaarheid misbruiken door via speciaal geprepareerde HTTP/2-verzoeken een denial-of-service (DoS) te veroorzaken.\n\nDe kwetsbaarheid met het kenmerk CVE-2026-10816 betreft een probleem met de toegangscontrole binnen de Management Interface. Niet-geauthenticeerde kwaadwillenden op afstand kunnen de kwetsbaarheid misbruiken om willekeurige bestanden uit te lezen. Dit kan resulteren in ongeautoriseerde openbaarmaking van gevoelige informatie.\n\nOnderzoekers hebben Proof-of-Concept (PoC) code gedeeld waarmee de kwetsbaarheid met kenmerk CVE-2026-8451 kan worden aangetoond.", "creation_timestamp": "2026-07-01T01:00:46.586877Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bd6a15c5-29bc-4bf5-9456-b2dc6b81ab88/export"/>
    <published>2026-07-01T01:00:46.586877+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/689876b9-22c0-4c44-8108-4f205a907752/export</id>
    <title>689876b9-22c0-4c44-8108-4f205a907752</title>
    <updated>2026-07-01T20:41:44.542354+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "689876b9-22c0-4c44-8108-4f205a907752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpk26m4nrw2k", "content": "CVE-2026-8451: Are Citrix's Patches Sufficient to Mitigate Risks? #CVE2026 #Citrix #NetScaler", "creation_timestamp": "2026-06-30T22:24:19.137728Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/689876b9-22c0-4c44-8108-4f205a907752/export"/>
    <published>2026-06-30T22:24:19.137728+00:00</published>
  </entry>
</feed>
