CVE-2025-7775

UNKNOWN 0.0

⚠️ CISA KEV

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX

CWE	CWE-119
Vendor	netscaler
Product	adc
Published	Aug 26, 2025
Last Updated	Feb 26, 2026

⚠️ Actively Exploited — Act Now

Get instant alerts for netscaler adc

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2025-7775.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

NetScaler / ADC

14.1 < 47.48 13.1 < 59.22 13.1 FIPS and NDcPP < 37.241 12.1 FIPS and NDcPP < 55.330

NetScaler / Gateway

14.1 < 47.48 13.1 < 59.22 13.1 FIPS and NDcPP < 37.241 12.1 FIPS and NDcPP < 55.330

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.citrix.com: https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-7775