Citrix NetScaler ADC/Gateway 'CitrixBleed' session-token memory overread — cited as CVE-2026-8451 lineage context
cve · CVE-2023-4966
Coverage timeline
0
first 2026-07-01 → last 2026-07-01
no data
Briefs
0
0 distinct
Sources cited
11
7 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
No recorded appearances.
Source distribution
- attack.mitre.org5 (45%)
- acronis.com1 (9%)
- advisories.ncsc.nl1 (9%)
- bleepingcomputer.com1 (9%)
- cyberscoop.com1 (9%)
- labs.watchtowr.com1 (9%)
- thehackernews.com1 (9%)
External references
All cited sources (11)
- labs.watchtowr.comprimaryinlinewatchTowr Labs, 2026-06-30https://labs.watchtowr.com/citrixbleed-to-infinity-and-beyond-citrix-netscaler-pre-auth-memory-overread-cve-2026-8451/
- acronis.cominlineAcronis TRU, 2026-06-29https://www.acronis.com/en/tru/posts/mustang-panda-targets-indias-government-and-energy-sectors/
- advisories.ncsc.nlinlineNCSC-NL, 2026-06-30https://advisories.ncsc.nl/advisory?id=NCSC-2026-0216
- attack.mitre.orginlineT1021.001 Remote Desktop Protocolhttps://attack.mitre.org/techniques/T1021/001/
- attack.mitre.orginlineT1105 Ingress Tool Transferhttps://attack.mitre.org/techniques/T1105/
- attack.mitre.orginlineT1133 External Remote Serviceshttps://attack.mitre.org/techniques/T1133/
- attack.mitre.orginlineT1136.001 Create Account: Local Accounthttps://attack.mitre.org/techniques/T1136/001/
- attack.mitre.orginlineT1486 Data Encrypted for Impacthttps://attack.mitre.org/techniques/T1486/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/new-oracle-e-business-suite-flaw-now-exploited-in-attacks/
- cyberscoop.cominlineCyberScoop, 2026-06-30https://cyberscoop.com/citrix-netscaler-flaw-cve-2026-8451-citrixbleed/
- thehackernews.cominlineThe Hacker News, 2026-06-29https://thehackernews.com/2026/06/mustang-panda-uses-zoho-workdrive-as.html
Items in briefs about Citrix NetScaler ADC/Gateway 'CitrixBleed' session-token memory overread — cited as CVE-2026-8451 lineage context
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.