CVE-2026-8655
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk30th percentile — higher than 30% of all known CVEs
Summary
Multiple memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway can lead to unpredictable or erroneous behavior and Denial of Service (DoS). The vulnerability occurs when NetScaler ADC is configured as an Oracle load balancer, DNS proxy, or DNS recursive resolver.
Risk Assessment
The organization is at risk of network service disruptions and potential data loss due to memory errors. Attackers can exploit these vulnerabilities to cause DoS, impacting application and infrastructure availability.
Recommendation
Immediately update NetScaler ADC and NetScaler Gateway to the latest patched version. Also review configurations related to Oracle LB, DNS proxy, and DNS recursive resolver.
Original NVD description (English source)
Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment

