汇总 Citrix 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
常见弱点模式包括 缓冲区溢出、输入验证问题、SQL 注入与CSRF,在 软件部署与生产负载 使用场景中可能带来 文件覆盖、应用崩溃与内存损坏 等风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2026-3055 KEV | Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread | 50a63c94-1ea7-4568-8c11-eb79e7c5a2b5 | 9.3 | 84.00% | 2026-03-23 | 2026-06-17 |
| CVE-2025-7776 | Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it | [email protected] | 8.8 | 6.66% | 2025-08-26 | 2026-06-17 |
| CVE-2025-7775 KEV | Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS an | [email protected] | 9.2 | 18.97% | 2025-08-26 | 2026-06-17 |
| CVE-2025-6759 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS | [email protected] | 7.3 | 0.24% | 2025-07-08 | 2026-06-17 |
| CVE-2025-6543 KEV | Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server | [email protected] | 9.2 | 9.76% | 2025-06-25 | 2026-06-17 |
| CVE-2025-4879 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | [email protected] | 7.3 | 0.07% | 2025-06-17 | 2026-06-17 |
| CVE-2025-0320 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows | [email protected] | 8.6 | 0.07% | 2025-06-17 | 2026-06-17 |
| CVE-2025-5777 KEV | Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server | [email protected] | 9.3 | 99.90% | 2025-06-17 | 2026-06-17 |
| CVE-2025-5349 | Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway | [email protected] | 8.7 | 3.65% | 2025-06-17 | 2026-06-17 |
| CVE-2025-4365 | Arbitrary file read in NetScaler Console and NetScaler SDX (SVM) | [email protected] | 6.9 | 7.01% | 2025-06-17 | 2026-06-17 |
| CVE-2025-1223 | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | [email protected] | 5.9 | 0.15% | 2025-02-19 | 2026-06-17 |
| CVE-2025-1222 | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | [email protected] | 5.9 | 0.15% | 2025-02-19 | 2026-06-17 |
| CVE-2024-12284 | Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. | [email protected] | 8.8 | 11.92% | 2025-02-19 | 2026-06-17 |
| CVE-2024-8535 | Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources | [email protected] | 5.8 | 0.42% | 2024-11-12 | 2026-06-17 |
| CVE-2024-8534 | Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled | [email protected] | 8.4 | 0.56% | 2024-11-12 | 2026-06-17 |
| CVE-2024-8069 KEV | Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server | [email protected] | 5.1 | 14.74% | 2024-11-12 | 2026-06-17 |
| CVE-2024-8068 KEV | Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain | [email protected] | 5.1 | 1.39% | 2024-11-12 | 2026-06-17 |
| CVE-2024-7890 | Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | [email protected] | 5.4 | 0.18% | 2024-09-11 | 2026-06-17 |
| CVE-2024-7889 | Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | [email protected] | 7.0 | 0.25% | 2024-09-11 | 2026-06-17 |
| CVE-2024-42423 | Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering. | [email protected] | 6.1 | 0.15% | 2024-09-10 | 2026-06-17 |