Sam Stepanyan  đŸ˜Mar 24

#Citrix Urges Patching Critical NetScaler Vulnerabilities CVE-2026-3055 & CVE-2026-4368 Allowing Unauthenticated Data Leaks. This looks like another incarnation of #CitrixBleed!

Defenders need to act quickly. Patch Now!
👇
https://thehackernews.com/2026/03/citrix-urges-patching-critical.html

Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks

Citrix fixes CVE-2026-3055 memory flaw in NetScaler, enabling data leaks in SAML setups, raising risk of imminent exploitation.

The Hacker News
CyberVeille.chJul 22, 2025
📱 VulnĂ©rabilitĂ© critique CitrixBleed 2 affectant Citrix NetScaler ADC et Gateway
📝 Cet article publiĂ© sur Medium par le @knownsec404team analyse la vulnĂ©rabilitĂ© critique...
📖 cyberveille : https://cyberveille.ch/posts/2025-07-21-vulnerabilite-critique-citrixbleed-2-affectant-citrix-netscaler-adc-et-gateway/
🌐 source : https://medium.com/@knownsec404team/root-cause-analysis-of-the-citrixbleed-2-cve-2025-5777-vulnerability-dc7278bd5ffb
#CVE_2025_5777 #CitrixBleed #Cyberveille
Vulnérabilité critique CitrixBleed 2 affectant Citrix NetScaler ADC et Gateway

Cet article publiĂ© sur Medium par le @knownsec404team analyse la vulnĂ©rabilitĂ© critique CVE-2025-5777, surnommĂ©e CitrixBleed 2, qui affecte les produits Citrix NetScaler ADC et Gateway. Cette vulnĂ©rabilitĂ© a un score CVSS de 9.3, indiquant sa gravitĂ© Ă©levĂ©e. La vulnĂ©rabilitĂ© provient d’une validation d’entrĂ©e insuffisante dans la logique de parsing d’authentification, permettant aux attaquants d’extraire des contenus mĂ©moire sensibles tels que des identifiants et des tokens de session via des requĂȘtes HTTP spĂ©cialement conçues.

CyberVeille
Marcel SIneM(S)USJul 20, 2025
#CitrixBleed2: Kritische Netscaler-LĂŒcke wird seit fast einem Monat ausgenutzt | Security https://www.heise.de/news/Citrix-Bleed-2-Kritische-Netscaler-Luecke-wird-seit-fast-einem-Monat-ausgenutzt-10492320.html #Patchday #CyberCrime #DataLeak #Datenleck #Datenschutz #privacy #CitrixBleed
Citrix Bleed 2: Kritische Netscaler-LĂŒcke wird seit fast einem Monat ausgenutzt

Bereits in der letzten Juniwoche suchten mutmaßlich chinesische Akteure gezielt nach verwundbaren Netscaler-GerĂ€ten. Citrix hat einen Tipp fĂŒr seine Kunden.

heise online
DrWhaxJul 19, 2025
Perhaps the EU should only allow Tailscale like VPN's for remote connectivity... #citrixbleed
IT InsightsJul 18, 2025
🚹 Urgent! CitrixBleed 2 al 2 weken geĂ«xploiteerd. Patch NU om risico's te beperken! 🔒 #cybersecurity #CitrixBleed 
https://itinsights.nl/cybersecurity/citrix-loog-bleed-2-weken-geexploiteerd-patch-nu/
Citrix loog: Bleed 2 weken geëxploiteerd! Patch NU!

IT Insights De ernst van de situatie wordt benadrukt door het feit dat aanvallers CitrixBleed 2 al actief misbruikten voordat er publiekelijk beschikbare exploits waren.

IT INSIGHTS
GreyNoiseJul 16, 2025
GreyNoise observed exploitation of CitrixBleed 2 (CVE-2025-5777) nearly two weeks before a public PoC was released. Full breakdown: https://www.greynoise.io/blog/exploitation-citrixbleed-2-cve-2025-5777-before-public-poc #GreyNoise #ThreatIntel #CitrixBleed #Citrix #NetScaler
Exploitation of CitrixBleed 2 (CVE-2025-5777) Began Before PoC Was Public

GreyNoise has observed active exploitation attempts against CVE-2025-5777 (CitrixBleed 2), a memory overread vulnerability in Citrix NetScaler. Exploitation began on June 23 — nearly two weeks before a public proof-of-concept was released on July 4.

PrivacyDigestJul 11, 2025

Critical #CitrixBleed 2 #vulnerability has been under active #exploit for weeks

A critical vulnerability allowing #hackers to bypass #multifactor #authentication in network management devices made by #Citrix has been actively #exploited for more than a month, researchers said. The finding is at odds with advisories from the vendor saying there is no evidence of in-the-wild #exploitation.
#security #privacy

https://arstechnica.com/security/2025/07/critical-citrixbleed-2-vulnerability-has-been-under-active-exploit-for-weeks/

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

Exploits allow hackers to bypass 2FA and commandeer vulnerable devices.

Ars Technica
Paxion CybersecurityJul 11, 2025

đŸ”„ CitrixBleed 2 is live.

A pre-auth memory flaw in Citrix NetScaler leaks passwords, session tokens, and config data—no login required.

🔍 Over 200,000 exploit attempts detected.

đŸ›Ąïž Secure your infrastructure now.
#CitrixBleed #VulnerabilityAlert #MemoryLeakExploit #CyberProtection #Infosec

Ars Technica NewsJul 9, 2025
Critical CitrixBleed 2 vulnerability has been under active exploit for weeks https://arstechni.ca/bJJZ #vulnerabilities #citrixbleed #Security #hacking #Biz&IT #citrix
Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

Exploits allow hackers to bypass 2FA and commandeer vulnerable devices.

Ars Technica
AmgineJul 8, 2025

I am saddened to see how English #Wikipedia has been scrubbed of mentioning #CitrixBleed - there appears to be only one mention, and it casts doubt on the existence and exploitation of CVE-2023-4966 — https://en.wikipedia.org/wiki/NetScaler#Security_issues:_Citrix_Bleed

Now, with #CitrixBleed2, there will be a lot of people trying to brush up on the history and risks of the #vulnerability, and the world's most-used reference has almost nothing to help.

https://doublepulsar.com/citrixbleed-2-exploitation-started-mid-june-how-to-spot-it-f3106392aa71

h/t @GossiTheDog

#WP #marketing #erasure

NetScaler - Wikipedia