Unrated severityCISA KEVNVD Advisory· Published Jun 17, 2025· Updated Feb 26, 2026

NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread

CVE-2025-5777

Description

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Affected products

NetScaler/ADCv5
Range: 14.1
NetScaler/Gatewayv5
Range: 14.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.citrix.com/support-home/kbsearch/articlemitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.052
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.060