Citrix has released security updates to address security vulnerabilities (CVE-2025-5349, CVE-2025-5777) in NetScaler ADC and NetScaler Gateway products. An attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and memory leak on the targeted system. Issues affect:

• NetScaler ADC and NetScaler Gateway 14.1 before version 14.1-43.56
• NetScaler ADC and NetScaler Gateway 13.1 before version 13.1-58.32
• NetScaler ADC 13.1-FIPS and NDcPP  before version 13.1-37.235-FIPS and NDcPP
• NetScaler ADC 12.1-FIPS before version 12.1-55.328-FIPS

More information on vulnerabilities and updates is available in Citrix Security Bulletins: citrix.com