Skip to content

Critical Vulnerabilities in Citrix NetScaler ADC and Gateway – Patches Available

Bottom line: Citrix released patches for critical vulnerabilities in Gateway and NetScaler ADC – deployment of updates should be prioritized given that both products are typically deployed in perimeter protection architectures.

On 30 June 2026, Citrix publicly disclosed multiple critical security vulnerabilities in Citrix Gateway and Citrix NetScaler ADC and provided firmware updates. The original advisory had already been sent to affected users on 12 May 2026.

Citrix announced multiple critical security vulnerabilities in two of its core network product lines. Affected are Citrix Gateway and Citrix NetScaler ADC, both systems typically deployed at the network perimeter for access control and application delivery. The company provided firmware updates for each.

The publication timeline reveals a staged approach: Citrix informed affected customers directly about the vulnerabilities on 12 May 2026. However, the public announcement and release did not occur until 30 June 2026. This delay provided users with a time window to apply patches non-publicly before full public disclosure.

For CISOs, this means that affected systems – if not yet updated – carry acute exposure risk. NetScaler ADC and Gateway are highly exposed because they are typically reachable from the outside and regulate network access. While patch availability reduces implementation risk, it requires timely patch cycles and validation in the respective environments.


Source: borncity.com · Published 2 July 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrasing and classification by Lumi News Pipeline v1.7.2.

Share on: