Vulnerability in Netscaler Adc

CVE-2026-4368

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup

Vulnerability class: Race Condition

EPSS: 0.000 (3.5th percentile) — read the EPSS interpretation.

Affected products

Netscaler Adc — versions 14.1.66.54
Netscaler Gateway — versions 14.1.66.54

Weakness classification (CWE)

CWE-362 — Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)

References

50a63c94-1ea7-4568-8c11-eb79e7c5a2b5