Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

CISA agrees that CitrixBleed 2 is under exploit

: Add CISA to the list

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

A critical vulnerability allowing hackers to bypass multifactor authentication in network management devices made by Citrix has been actively exploited for more than a month, researchers said. The finding is at odds with advisories from the vendor saying there is no evidence of in-the-wild exploitation. Tracked as CVE-2025-5777, the vulnerability shares similarities with CVE-2023-4966, a security flaw nicknamed CitrixBleed, which led to the comp…

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog mvining Jul 10, 2025 Release DateJuly 10, 2025 DescriptionCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-5777 Citrix NetScaler ADC and Gateway Out-of-Bounds Read VulnerabilityThese types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the fe…

Exploit details released for Citrix Bleed 2 flaw affecting NetScaler

Security researchers have released a technical analysis and proof-of-concept exploit code for a critical vulnerability fixed last month in Citrix NetScaler appliances that is suspected to have been exploited in the wild, though in a limited capacity and without official confirmation from Citrix. Companies are urged to deploy the patches and use published indicators of compromise (IoCs) to check their appliances for signs of breach. The vulnerabi…