<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 01 Jul 2026 19:27:03 +0000</lastBuildDate>
    <item>
      <title>bee5e5a5-bc27-48b8-8d2f-4be9886b1854</title>
      <link>https://vulnerability.circl.lu/sighting/bee5e5a5-bc27-48b8-8d2f-4be9886b1854/export</link>
      <description>{"uuid": "bee5e5a5-bc27-48b8-8d2f-4be9886b1854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116845190558867458", "content": "A lot of offensive activities were identified targeting Citrix NetScaler ADC and NetScaler Gateway (CVE-2026-8451) https://vuldb.com/vuln/374866/cti", "creation_timestamp": "2026-07-01T14:28:36.125577Z"}</description>
      <content:encoded>{"uuid": "bee5e5a5-bc27-48b8-8d2f-4be9886b1854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116845190558867458", "content": "A lot of offensive activities were identified targeting Citrix NetScaler ADC and NetScaler Gateway (CVE-2026-8451) https://vuldb.com/vuln/374866/cti", "creation_timestamp": "2026-07-01T14:28:36.125577Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/bee5e5a5-bc27-48b8-8d2f-4be9886b1854/export</guid>
      <pubDate>Wed, 01 Jul 2026 14:28:36 +0000</pubDate>
    </item>
    <item>
      <title>63f13518-05a2-4058-aeec-ebe508c9e016</title>
      <link>https://vulnerability.circl.lu/sighting/63f13518-05a2-4058-aeec-ebe508c9e016/export</link>
      <description>{"uuid": "63f13518-05a2-4058-aeec-ebe508c9e016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-citrix-10", "content": "", "creation_timestamp": "2026-07-01T13:45:06.812694Z"}</description>
      <content:encoded>{"uuid": "63f13518-05a2-4058-aeec-ebe508c9e016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-citrix-10", "content": "", "creation_timestamp": "2026-07-01T13:45:06.812694Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/63f13518-05a2-4058-aeec-ebe508c9e016/export</guid>
      <pubDate>Wed, 01 Jul 2026 13:45:06 +0000</pubDate>
    </item>
    <item>
      <title>a067f862-8c55-4cc0-bf11-d3c4727f78a0</title>
      <link>https://vulnerability.circl.lu/sighting/a067f862-8c55-4cc0-bf11-d3c4727f78a0/export</link>
      <description>{"uuid": "a067f862-8c55-4cc0-bf11-d3c4727f78a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mpll4nsdet23", "content": "\ud83d\udd17 CVE : CVE-2026-10816, CVE-2026-10817, CVE-2026-13474, CVE-2026-8451, CVE-2026-8452, CVE-2026-8655", "creation_timestamp": "2026-07-01T13:00:06.564831Z"}</description>
      <content:encoded>{"uuid": "a067f862-8c55-4cc0-bf11-d3c4727f78a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mpll4nsdet23", "content": "\ud83d\udd17 CVE : CVE-2026-10816, CVE-2026-10817, CVE-2026-13474, CVE-2026-8451, CVE-2026-8452, CVE-2026-8655", "creation_timestamp": "2026-07-01T13:00:06.564831Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a067f862-8c55-4cc0-bf11-d3c4727f78a0/export</guid>
      <pubDate>Wed, 01 Jul 2026 13:00:06 +0000</pubDate>
    </item>
    <item>
      <title>ef78be22-aeab-4623-9e06-fd18553dad02</title>
      <link>https://vulnerability.circl.lu/sighting/ef78be22-aeab-4623-9e06-fd18553dad02/export</link>
      <description>{"uuid": "ef78be22-aeab-4623-9e06-fd18553dad02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mplhwnfofk2p", "content": "Citrix fixed six NetScaler flaws, including a pre-login memory leak (CVE-2026-8451) and an HTTP/2 Bomb denial of service.\n\nOne catch: the HTTP/2 fix does nothing until you enable HTTP Strict Profiles.\n\nUpgrade to 14.1-72.61 / 13.1-63.18, then check the setting.", "creation_timestamp": "2026-07-01T12:03:04.581588Z"}</description>
      <content:encoded>{"uuid": "ef78be22-aeab-4623-9e06-fd18553dad02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mplhwnfofk2p", "content": "Citrix fixed six NetScaler flaws, including a pre-login memory leak (CVE-2026-8451) and an HTTP/2 Bomb denial of service.\n\nOne catch: the HTTP/2 fix does nothing until you enable HTTP Strict Profiles.\n\nUpgrade to 14.1-72.61 / 13.1-63.18, then check the setting.", "creation_timestamp": "2026-07-01T12:03:04.581588Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ef78be22-aeab-4623-9e06-fd18553dad02/export</guid>
      <pubDate>Wed, 01 Jul 2026 12:03:04 +0000</pubDate>
    </item>
    <item>
      <title>3b95fe79-c1cf-4773-8fa5-dd9e4bad3e20</title>
      <link>https://vulnerability.circl.lu/sighting/3b95fe79-c1cf-4773-8fa5-dd9e4bad3e20/export</link>
      <description>{"uuid": "3b95fe79-c1cf-4773-8fa5-dd9e4bad3e20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/ecf78090-6993-45d3-aa99-c6de905a5e7a", "content": "", "creation_timestamp": "2026-07-01T07:59:26.932836Z"}</description>
      <content:encoded>{"uuid": "3b95fe79-c1cf-4773-8fa5-dd9e4bad3e20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/ecf78090-6993-45d3-aa99-c6de905a5e7a", "content": "", "creation_timestamp": "2026-07-01T07:59:26.932836Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3b95fe79-c1cf-4773-8fa5-dd9e4bad3e20/export</guid>
      <pubDate>Wed, 01 Jul 2026 07:59:26 +0000</pubDate>
    </item>
    <item>
      <title>090a2f1e-542a-4763-a257-069e0aa7648e</title>
      <link>https://vulnerability.circl.lu/sighting/090a2f1e-542a-4763-a257-069e0aa7648e/export</link>
      <description>{"uuid": "090a2f1e-542a-4763-a257-069e0aa7648e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://thehackernews.com/2026/07/citrix-patches-six-netscaler-flaws.html", "content": "Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition.\n\nThe vulnerabilities are listed below -\n\n\n  CVE-2026-8451 (CVSS score: 8.8) - An insufficient input validation", "creation_timestamp": "2026-07-01T07:00:47.915018Z"}</description>
      <content:encoded>{"uuid": "090a2f1e-542a-4763-a257-069e0aa7648e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://thehackernews.com/2026/07/citrix-patches-six-netscaler-flaws.html", "content": "Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition.\n\nThe vulnerabilities are listed below -\n\n\n  CVE-2026-8451 (CVSS score: 8.8) - An insufficient input validation", "creation_timestamp": "2026-07-01T07:00:47.915018Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/090a2f1e-542a-4763-a257-069e0aa7648e/export</guid>
      <pubDate>Wed, 01 Jul 2026 07:00:47 +0000</pubDate>
    </item>
    <item>
      <title>5b5b8fc5-5d2b-4e4b-8279-a3a07c876cbc</title>
      <link>https://vulnerability.circl.lu/sighting/5b5b8fc5-5d2b-4e4b-8279-a3a07c876cbc/export</link>
      <description>{"uuid": "5b5b8fc5-5d2b-4e4b-8279-a3a07c876cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mpkmxmybse2l", "content": "Citrix patched six NetScaler flaws, including CVE-2026-8451, a high-severity memory disclosure bug linked to CitrixBleed-like issues in SAML auth parsing. #Citrix #NetScaler #CVE-2026-8451", "creation_timestamp": "2026-07-01T04:00:25.922189Z"}</description>
      <content:encoded>{"uuid": "5b5b8fc5-5d2b-4e4b-8279-a3a07c876cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mpkmxmybse2l", "content": "Citrix patched six NetScaler flaws, including CVE-2026-8451, a high-severity memory disclosure bug linked to CitrixBleed-like issues in SAML auth parsing. #Citrix #NetScaler #CVE-2026-8451", "creation_timestamp": "2026-07-01T04:00:25.922189Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5b5b8fc5-5d2b-4e4b-8279-a3a07c876cbc/export</guid>
      <pubDate>Wed, 01 Jul 2026 04:00:25 +0000</pubDate>
    </item>
    <item>
      <title>d8d80fda-33dd-4cd0-8648-1d98088f99a9</title>
      <link>https://vulnerability.circl.lu/sighting/d8d80fda-33dd-4cd0-8648-1d98088f99a9/export</link>
      <description>{"uuid": "d8d80fda-33dd-4cd0-8648-1d98088f99a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/citrix-security-advisory-av26-645", "content": "", "creation_timestamp": "2026-07-01T02:37:53.676894Z"}</description>
      <content:encoded>{"uuid": "d8d80fda-33dd-4cd0-8648-1d98088f99a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/citrix-security-advisory-av26-645", "content": "", "creation_timestamp": "2026-07-01T02:37:53.676894Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d8d80fda-33dd-4cd0-8648-1d98088f99a9/export</guid>
      <pubDate>Wed, 01 Jul 2026 02:37:53 +0000</pubDate>
    </item>
    <item>
      <title>bd6a15c5-29bc-4bf5-9456-b2dc6b81ab88</title>
      <link>https://vulnerability.circl.lu/sighting/bd6a15c5-29bc-4bf5-9456-b2dc6b81ab88/export</link>
      <description>{"uuid": "bd6a15c5-29bc-4bf5-9456-b2dc6b81ab88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0216", "content": "Citrix heeft kwetsbaarheden verholpen in NetScaler ADC en NetScaler Gateway die verband houden met onvoldoende invoervalidatie, onjuiste toegangscontrole en het onjuist vrijgeven van geheugen. De kwetsbaarheden met de kenmerken CVE-2026-8451 en CVE-2026-10817 ontstaan door onvoldoende invoervalidatie, waarbij de software invoergroottes en -grenzen niet correct controleert. Dit kan leiden tot geheugenoverlezingen, wat kan resulteren in ongeautoriseerde openbaarmaking van gevoelige informatie, wanneer de producten zijn geconfigureerd als SAML IDP, of als TCP TimeStamp is ingeschakeld bij een TCP-profiel dat is gekoppeld aan een virtuele server van het type: Load Balancing (LB), Content Switching (CS) of VPN.\n\nDe kwetsbaarheden met de kenmerken CVE-2026-8452 en CVE-2026-8655 bevinden zich in de manier waarop geheugen wordt beheerd in NetScaler ADC en NetScaler Gateway. Dit kan leiden tot een denial-of-service (DoS) of een ongewenste control flow wanneer de producten zijn geconfigureerd als Gateway, DNS-proxy, recursieve DNS-resolver of AAA-virtuele server.\n\nDe kwetsbaarheid met het kenmerk CVE-2026-13474 ontstaat door het onjuist vrijgeven van geheugen. Kwaadwillenden kunnen deze kwetsbaarheid misbruiken door via speciaal geprepareerde HTTP/2-verzoeken een denial-of-service (DoS) te veroorzaken.\n\nDe kwetsbaarheid met het kenmerk CVE-2026-10816 betreft een probleem met de toegangscontrole binnen de Management Interface. Niet-geauthenticeerde kwaadwillenden op afstand kunnen de kwetsbaarheid misbruiken om willekeurige bestanden uit te lezen. Dit kan resulteren in ongeautoriseerde openbaarmaking van gevoelige informatie.\n\nOnderzoekers hebben Proof-of-Concept (PoC) code gedeeld waarmee de kwetsbaarheid met kenmerk CVE-2026-8451 kan worden aangetoond.", "creation_timestamp": "2026-07-01T01:00:46.586877Z"}</description>
      <content:encoded>{"uuid": "bd6a15c5-29bc-4bf5-9456-b2dc6b81ab88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0216", "content": "Citrix heeft kwetsbaarheden verholpen in NetScaler ADC en NetScaler Gateway die verband houden met onvoldoende invoervalidatie, onjuiste toegangscontrole en het onjuist vrijgeven van geheugen. De kwetsbaarheden met de kenmerken CVE-2026-8451 en CVE-2026-10817 ontstaan door onvoldoende invoervalidatie, waarbij de software invoergroottes en -grenzen niet correct controleert. Dit kan leiden tot geheugenoverlezingen, wat kan resulteren in ongeautoriseerde openbaarmaking van gevoelige informatie, wanneer de producten zijn geconfigureerd als SAML IDP, of als TCP TimeStamp is ingeschakeld bij een TCP-profiel dat is gekoppeld aan een virtuele server van het type: Load Balancing (LB), Content Switching (CS) of VPN.\n\nDe kwetsbaarheden met de kenmerken CVE-2026-8452 en CVE-2026-8655 bevinden zich in de manier waarop geheugen wordt beheerd in NetScaler ADC en NetScaler Gateway. Dit kan leiden tot een denial-of-service (DoS) of een ongewenste control flow wanneer de producten zijn geconfigureerd als Gateway, DNS-proxy, recursieve DNS-resolver of AAA-virtuele server.\n\nDe kwetsbaarheid met het kenmerk CVE-2026-13474 ontstaat door het onjuist vrijgeven van geheugen. Kwaadwillenden kunnen deze kwetsbaarheid misbruiken door via speciaal geprepareerde HTTP/2-verzoeken een denial-of-service (DoS) te veroorzaken.\n\nDe kwetsbaarheid met het kenmerk CVE-2026-10816 betreft een probleem met de toegangscontrole binnen de Management Interface. Niet-geauthenticeerde kwaadwillenden op afstand kunnen de kwetsbaarheid misbruiken om willekeurige bestanden uit te lezen. Dit kan resulteren in ongeautoriseerde openbaarmaking van gevoelige informatie.\n\nOnderzoekers hebben Proof-of-Concept (PoC) code gedeeld waarmee de kwetsbaarheid met kenmerk CVE-2026-8451 kan worden aangetoond.", "creation_timestamp": "2026-07-01T01:00:46.586877Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/bd6a15c5-29bc-4bf5-9456-b2dc6b81ab88/export</guid>
      <pubDate>Wed, 01 Jul 2026 01:00:46 +0000</pubDate>
    </item>
    <item>
      <title>689876b9-22c0-4c44-8108-4f205a907752</title>
      <link>https://vulnerability.circl.lu/sighting/689876b9-22c0-4c44-8108-4f205a907752/export</link>
      <description>{"uuid": "689876b9-22c0-4c44-8108-4f205a907752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpk26m4nrw2k", "content": "CVE-2026-8451: Are Citrix's Patches Sufficient to Mitigate Risks? #CVE2026 #Citrix #NetScaler", "creation_timestamp": "2026-06-30T22:24:19.137728Z"}</description>
      <content:encoded>{"uuid": "689876b9-22c0-4c44-8108-4f205a907752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8451", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpk26m4nrw2k", "content": "CVE-2026-8451: Are Citrix's Patches Sufficient to Mitigate Risks? #CVE2026 #Citrix #NetScaler", "creation_timestamp": "2026-06-30T22:24:19.137728Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/689876b9-22c0-4c44-8108-4f205a907752/export</guid>
      <pubDate>Tue, 30 Jun 2026 22:24:19 +0000</pubDate>
    </item>
  </channel>
</rss>
