PT-2026-53867 · Citrix · NetScaler Gateway, NetScaler ADC

Published 2026-06-30 · Updated 2026-06-30 · CVE-2026-10817

CVSS v4.0: 6.9 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

NetScaler ADC (affected versions not specified)
NetScaler Gateway (affected versions not specified)

Description

Insufficient input validation leads to a memory overread when the TCP TimeStamp is enabled in the TCP Profile and is associated with a service or a virtual server of type LB, CS, or VPN. A memory overread occurs when a program reads data past the end of the intended buffer, potentially exposing sensitive information from the system memory.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary mitigation, disable the TCP TimeStamp in the TCP Profile associated with the virtual server or service.

Out-of-bounds Read

Weakness Enumeration

Related Identifiers

CVE-2026-10817

Affected Products

NetScaler ADC
NetScaler Gateway