SecAlerts
CVE ListPricingSign Up
Citrix logo

Citrix

Security Risk Profile

71
/100
high

Security Risk Score

Comprehensive risk assessment based on 567 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from March 29, 2000 to present

567
Total CVEs
271
Critical+High
73
Exploited
205
Unpatched

Threat Assessment

Avg CVSS
7.2
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
205
Critical/High
Risk Level
71/100
high
⚠️ 73 Active Exploits 25 Zero-Days

Severity Distribution

Critical
95
High
176
Medium
170
Low
14

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
22

Age Distribution

Common Weaknesses (CWE)

1
Input Validation
40
2
Buffer Overflow
35
3
XSS
31
4
Infoleak
23
5
Null Pointer Dereference
14

Most Affected Products

1. XEN Xen211
2. Citrix XenMobile Server195
3. Citrix XenServer187
4. IBM QRadar Security Information and Event Manager172
5. Intel Core I5169

Recent Vulnerabilities

See more →
EOL-citrix-vad-2603
unknown
4/30/2026
https://www.bleepingcomputer.com/news/security/critical-citrix-netscaler-memory-flaw-actively-exploited-in-attacks/
unknown

Critical Citrix NetScaler memory flaw actively exploited in attacks

3/30/2026⚠ Exploited🔧 No Patch
https://reddit.com/r/netsec/comments/1s75kb9/please_we_beg_just_one_weekend_free_of_appliances/
unknown

Please, We Beg, Just One Weekend Free Of Appliances (Citrix NetScaler CVE-2026-3055 Memory Overread Part 2) - watchTowr Labs

3/29/2026🔧 No Patch
https://reddit.com/r/netsec/comments/1s6bdxi/the_sequels_are_never_as_good_but_were_still_in/
unknown

The Sequels Are Never As Good, But We're Still In Pain (Citrix NetScaler CVE-2026-3055 Memory Overread) - watchTowr Labs

3/28/2026🔧 No Patch
https://www.bleepingcomputer.com/news/security/citrix-urges-admins-to-patch-netscaler-flaws-as-soon-as-possible/
unknown

Citrix urges admins to patch NetScaler flaws as soon as possible

3/25/2026🔧 No Patch
CVE-2026-3055
CVSS 9.3critical

Citrix NetScaler Out-of-Bounds Read Vulnerability

3/23/2026⚠ Exploited
CVE-2026-4368
CVSS 7.7EPSS 0%high

Race Condition leading to User Session Mixup

3/23/2026🔧 No Patch
EOL-citrix-vad-2511
unknown
12/29/2025
https://www.theregister.com/2025/11/12/amazon_cisco_citrix_0day_exploits/
unknown

Attackers turned Citrix, Cisco 0-day exploits into custom-malware hellscape

11/12/2025⚠ Exploited⚡ Zero-Day🔧 No Patch
https://www.bleepingcomputer.com/news/security/hackers-exploited-citrix-cisco-ise-flaws-in-zero-day-attacks/
unknown

Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks

11/12/2025⚠ Exploited⚡ Zero-Day🔧 No Patch

Monitor Citrix in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.

Citrix Security Vulnerabilities & Risk Score | 567 CVEs | SecAlerts - SecAlerts