# Citrix patches CVE-2026-8451 NetScaler memory overread flaw in SAML IDP configs

_Monday, July 6, 2026 at 8:00 AM EDT · Security · Latest · Tier 2 — Notable_

Citrix has released security bulletin CTX696604 addressing CVE-2026-8451 in NetScaler ADC and NetScaler Gateway. The bulletin describes the vulnerability as insufficient input validation leading to memory overread. It applies when NetScaler ADC or NetScaler Gateway is configured as a SAML IDP. The flaw is classified as CWE-125, an out-of-bounds read. It received a CVSS v4.0 base score of 8.8 with the vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N. The precondition requires the appliance to be configured as a SAML IDP. Administrators can verify exposure by checking the NetScaler configuration for the string add authentication samlIdPProfile .*. The bulletin provides details on the affected products and remediation steps including fixed builds for standard, FIPS and NDcPP variants.

## Sources

- [Citrix](https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604)

---
Canonical: https://techandbusiness.org/newswire/aD45H1NEbb1bqELwlvBqTK
Retrieved: 2026-07-07T02:27:57.214Z
Publisher: Tech & Business (techandbusiness.org)
