Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2023-24490 | Users with only access to launch VDA applications can launch an unauthorized desktop | 6.3 | 0.30% | 2023-07-10 | 2026-06-17 |
| CVE-2023-24491 | A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM. | 7.8 | 0.19% | 2023-07-11 | 2026-06-17 |
| CVE-2023-24492 | A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts. | 9.6 | 0.82% | 2023-07-11 | 2026-06-17 |
| CVE-2023-3519 KEV | Unauthenticated remote code execution | 9.8 | 99.34% | 2023-07-19 | 2026-06-17 |
| CVE-2023-3466 | Reflected Cross-Site Scripting (XSS) | 8.3 | 3.04% | 2023-07-19 | 2026-06-17 |
| CVE-2023-3467 | Privilege Escalation to root administrator (nsroot) | 8.0 | 2.10% | 2023-07-19 | 2026-06-17 |
| CVE-2023-4966 KEV | Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. | 9.4 | 100.00% | 2023-10-10 | 2026-06-17 |
| CVE-2023-4967 | Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server | 8.2 | 0.88% | 2023-10-27 | 2026-06-17 |
| CVE-2023-6548 KEV | Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface. | 5.5 | 3.19% | 2024-01-17 | 2026-06-17 |
| CVE-2023-5914 | Cross-site scripting (XSS) | 5.4 | 73.14% | 2024-01-17 | 2026-06-17 |
| CVE-2023-6549 KEV | Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read | 8.2 | 57.63% | 2024-01-17 | 2026-06-17 |
| CVE-2023-6184 | Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting | 5.0 | 46.61% | 2024-01-17 | 2026-06-17 |
| CVE-2024-2049 | Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP. | 6.5 | 0.37% | 2024-03-12 | 2026-06-17 |
| CVE-2024-5661 | An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. | 6.0 | 0.17% | 2024-06-13 | 2026-06-17 |
| CVE-2024-5491 | Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler | 7.2 | 0.76% | 2024-07-10 | 2026-06-17 |
| CVE-2024-5492 | Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway | 5.1 | 0.57% | 2024-07-10 | 2026-06-17 |
| CVE-2024-6235 | Sensitive information disclosure in NetScaler Console | 9.4 | 21.33% | 2024-07-10 | 2026-06-17 |
| CVE-2024-6148 | Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5 | 5.3 | 0.40% | 2024-07-10 | 2026-06-17 |
| CVE-2024-6149 | Redirection of users to a vulnerable URL in Citrix Workspace app for HTML5 | 4.8 | 0.21% | 2024-07-10 | 2026-06-17 |
| CVE-2024-6150 | A non-admin user can cause short-term disruption in Target VM availability in Citrix Provisioning | 4.8 | 0.24% | 2024-07-10 | 2026-06-17 |