{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-10817", "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5", "state": "PUBLISHED", "assignerShortName": "NetScaler", "dateReserved": "2026-06-04T05:49:25.173Z", "datePublished": "2026-06-30T12:58:38.850Z", "dateUpdated": "2026-06-30T13:28:19.305Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5", "shortName": "NetScaler", "dateUpdated": "2026-06-30T12:58:38.850Z"}, "title": "Insufficient input validation leading to memory overread", "datePublic": "2026-06-30T12:52:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds read", "type": "CWE"}]}], "affected": [{"vendor": "NetScaler", "product": "ADC", "versions": [{"status": "affected", "version": "14.1", "lessThan": "72.61", "versionType": "patch"}, {"status": "affected", "version": "13.1", "lessThan": "63.18", "versionType": "patch"}, {"status": "affected", "version": "14.1 FIPS", "lessThan": "72.61", "versionType": "patch"}, {"status": "affected", "version": "13.1 FIPS and NDcPP", "lessThan": "37.272", "versionType": "patch"}], "defaultStatus": "unaffected"}, {"vendor": "NetScaler", "product": "Gateway", "versions": [{"status": "affected", "version": "14.1", "lessThan": "72.61", "versionType": "patch"}, {"status": "affected", "version": "13.1", "lessThan": "63.18", "versionType": "patch"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Insufficient input validation leading to memory overread in\u00a0NetScaler ADC and NetScaler Gateway if the\u00a0TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<span>Insufficient input validation leading to memory overread in&nbsp;</span><span>NetScaler ADC and NetScaler Gateway if the&nbsp;</span><span>TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler</span><br>"}]}], "references": [{"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-30T13:28:08.900923Z", "id": "CVE-2026-10817", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-30T13:28:19.305Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-10817", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-30T13:28:08.900923Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-30T13:28:11.612Z"}}], "cna": {"title": "Insufficient input validation leading to memory overread", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "NetScaler", "product": "ADC", "versions": [{"status": "affected", "version": "14.1", "lessThan": "72.61", "versionType": "patch"}, {"status": "affected", "version": "13.1", "lessThan": "63.18", "versionType": "patch"}, {"status": "affected", "version": "14.1 FIPS", "lessThan": "72.61", "versionType": "patch"}, {"status": "affected", "version": "13.1 FIPS and NDcPP", "lessThan": "37.272", "versionType": "patch"}], "defaultStatus": "unaffected"}, {"vendor": "NetScaler", "product": "Gateway", "versions": [{"status": "affected", "version": "14.1", "lessThan": "72.61", "versionType": "patch"}, {"status": "affected", "version": "13.1", "lessThan": "63.18", "versionType": "patch"}], "defaultStatus": "unaffected"}], "datePublic": "2026-06-30T12:52:00.000Z", "references": [{"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604"}], "x_generator": {"engine": "Vulnogram 1.0.2"}, "descriptions": [{"lang": "en", "value": "Insufficient input validation leading to memory overread in\u00a0NetScaler ADC and NetScaler Gateway if the\u00a0TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler", "supportingMedia": [{"type": "text/html", "value": "<span>Insufficient input validation leading to memory overread in&nbsp;</span><span>NetScaler ADC and NetScaler Gateway if the&nbsp;</span><span>TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds read"}]}], "providerMetadata": {"orgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5", "shortName": "NetScaler", "dateUpdated": "2026-06-30T12:58:38.850Z"}}}, "cveMetadata": {"cveId": "CVE-2026-10817", "state": "PUBLISHED", "dateUpdated": "2026-06-30T13:28:19.305Z", "dateReserved": "2026-06-04T05:49:25.173Z", "assignerOrgId": "50a63c94-1ea7-4568-8c11-eb79e7c5a2b5", "datePublished": "2026-06-30T12:58:38.850Z", "assignerShortName": "NetScaler"}, "dataVersion": "5.2"}

{}

{}

{}