{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-10817","assignerOrgId":"50a63c94-1ea7-4568-8c11-eb79e7c5a2b5","state":"PUBLISHED","assignerShortName":"NetScaler","dateReserved":"2026-06-04T05:49:25.173Z","datePublished":"2026-06-30T12:58:38.850Z","dateUpdated":"2026-06-30T13:28:19.305Z"},"containers":{"cna":{"providerMetadata":{"orgId":"50a63c94-1ea7-4568-8c11-eb79e7c5a2b5","shortName":"NetScaler","dateUpdated":"2026-06-30T12:58:38.850Z"},"title":"Insufficient input validation leading to memory overread","datePublic":"2026-06-30T12:52:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-125","description":"CWE-125 Out-of-bounds read","type":"CWE"}]}],"affected":[{"vendor":"NetScaler","product":"ADC","versions":[{"status":"affected","version":"14.1","lessThan":"72.61","versionType":"patch"},{"status":"affected","version":"13.1","lessThan":"63.18","versionType":"patch"},{"status":"affected","version":"14.1 FIPS","lessThan":"72.61","versionType":"patch"},{"status":"affected","version":"13.1 FIPS and NDcPP","lessThan":"37.272","versionType":"patch"}],"defaultStatus":"unaffected"},{"vendor":"NetScaler","product":"Gateway","versions":[{"status":"affected","version":"14.1","lessThan":"72.61","versionType":"patch"},{"status":"affected","version":"13.1","lessThan":"63.18","versionType":"patch"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>Insufficient input validation leading to memory overread in&nbsp;</span><span>NetScaler ADC and NetScaler Gateway if the&nbsp;</span><span>TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler</span><br>"}]}],"references":[{"url":"https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED","version":"4.0","baseSeverity":"MEDIUM","baseScore":6.9,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"}}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 1.0.2"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-06-30T13:28:08.900923Z","id":"CVE-2026-10817","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-06-30T13:28:19.305Z"}}]}}