CVE-2025-5777

Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks - Security researcher Kevin Beaumont has previously stated that repeated POST requests to /doAuthentication.do in NetScaler logs is a good indication that someone is attempting to exploit the flaw, especially when the request includes a Content-Length: ...
3 weeks ago Bleepingcomputer.com CVE-2025-5777

Critical Citrix Bleed 2 flaw now likely exploited in attacks - "While no public exploitation of CVE-2025-5777, dubbed "Citrix Bleed 2," has been reported, ReliaQuest assesses with medium confidence that attackers are actively exploiting this vulnerability to gain initial access to targeted environments," warns ...
1 month ago Bleepingcomputer.com CVE-2025-5777

Citrix Bleed 2 flaw now believed to be exploited in attacks - "While no public exploitation of CVE-2025-5777, dubbed "Citrix Bleed 2," has been reported, ReliaQuest assesses with medium confidence that attackers are actively exploiting this vulnerability to gain initial access to targeted environments," warns ...
1 month ago Bleepingcomputer.com CVE-2025-5777

Over 1,200 Citrix servers unpatched against critical auth bypass flaw - While Citrix has yet to confirm that this security flaw is being exploited in the wild, saying that "currently, there is no evidence to suggest exploitation of CVE-2025-5777," cybersecurity firm ReliaQuest reported on Thursday with medium confidence ...
1 month ago Bleepingcomputer.com CVE-2025-5777

CISA Warns of CitrixBleed 2 Vulnerability Exploited in Attacks - The vulnerability, tracked as CVE-2025-5777, has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog with an immediate remediation deadline of July 11, 2025. The vulnerability specifically affects deployments where NetScaler ...
4 weeks ago Cybersecuritynews.com CVE-2025-5777

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch - The first warning of CitrixBleed 2 being exploited came from ReliaQuest on June 27. On July 7, security researchers at watchTowr and Horizon3 published proof-of-concept exploits (PoCs) for CVE-2025-5777, demonstrating how the flaw can ...
4 weeks ago Bleepingcomputer.com CVE-2025-5777

Hackers Started Exploiting CitrixBleed 2 Vulnerability Before Public PoC Disclosure - On July 9, the Cybersecurity and Infrastructure Security Agency (CISA) corroborated GreyNoise findings and added CVE-2025-5777 to the Known Exploited Vulnerabilities (KEV) catalog. By integrating threat intelligence sources directly into security ...
3 weeks ago Cybersecuritynews.com CVE-2025-5777

Hackers Launch 11.5 Million Attacks on CitrixBleed 2 - Compromising Over 100 Organizations - Security researcher Kevin Beaumont, who first coined the term “CitrixBleed 2,” reported that attackers have been “carefully selecting victims, profiling NetScaler before attacking to make sure it is a real box”. A massive wave ...
3 weeks ago Cybersecuritynews.com CVE-2025-5777 Ransomhub

Public exploits released for CitrixBleed 2 NetScaler flaw, patch now - Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session ...
1 month ago Bleepingcomputer.com CVE-2025-5777

PoC Exploits for CitrixBleed2 Flaw Released – Attackers Can Exfiltrate 127 Bytes Per Request - The vulnerability, tracked as CVE-2025-5777, allows attackers to exfiltrate up to 127 bytes of sensitive data per request, potentially exposing session tokens and user credentials through memory disclosure attacks. This memory space is shared across ...
1 month ago Cybersecuritynews.com CVE-2025-5777

Weekly Cybersecurity Newsletter: Chrome 0-Day, VMware Flaws Patched, Fortiweb Hack, Teams Abuse, and More - Google has issued an emergency security update for its Chrome browser to address a critical zero-day vulnerability, CVE-2025-6558, that is being actively exploited in the wild. The Node.js project released security updates on July 15, 2025, to fix ...
2 weeks ago Cybersecuritynews.com CVE-2025-6558

Citrix warns of login issues after NetScaler auth bypass patch - The first of the two security flaws (tracked as CVE-2025-5777 and dubbed Citrix Bleed 2) enables threat actors to bypass authentication by hijacking user sessions, while the second (CVE-2025-6543) is now actively exploited in denial-of-service ...
1 month ago Bleepingcomputer.com CVE-2025-5777

Splunk Details on How to Detect, Mitigate and Respond to CitrixBleed 2 Attack - GreyNoise telemetry shows scanning began on 1 July, nine days before Citrix published full technical guidance, and Censys counts roughly 70,000 NetScaler instances reachable on the public Internet, a stark reminder of the attack surface at stake. ...
2 weeks ago Cybersecuritynews.com CVE-2025-5777

"CitrixBleed 2" Vulnerability PoC Released - Warns of Potential Widespread Exploitation - A new critical vulnerability in Citrix NetScaler devices has security experts warning of potential widespread exploitation, drawing alarming parallels to the devastating “CitrixBleed” attacks that plagued organizations in 2023. The ...
1 month ago Cybersecuritynews.com CVE-2025-5777

CVE-2025-5777 - Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server ...
3 weeks ago CVE-2025-5777 CVE-2023-4966 CVE-2025-6543 CVE-2025-53770

CVE-2025-21867 - In the Linux kernel, the following vulnerability has been resolved: ...
4 months ago

2100+ Citrix Servers Vulnerable to Actively Exploited Bypass Authentication Vulnerability - Over 2,100 vulnerable Citrix NetScaler servers remain exposed to active exploitation, despite patches being available for critical vulnerabilities that allow attackers to bypass authentication mechanisms and steal session tokens. ReliaQuest ...
1 month ago Cybersecuritynews.com CVE-2025-5777

Hackers Actively Exploiting CitrixBleed 2 Vulnerability in the Wild - This pre-authentication flaw enables attackers to craft malicious requests that leak uninitialized memory from affected NetScaler ADC and Gateway devices, potentially exposing sensitive data, including session tokens, passwords, and configuration ...
4 weeks ago Cybersecuritynews.com CVE-2025-5777

CISA orders agencies to immediately patch Citrix Bleed 2, saying bug poses ‘unacceptable risk’ | The Record from Recorded Future News - The bug affects Citrix Netscaler ADC and Netscaler Gateway appliances and the company said exploitation of the vulnerability “on unmitigated appliances have been observed.” Since that advisory, multiple incident responders have warned that the ...
4 weeks ago Therecord.media CVE-2025-5777

CVE-2024-5777 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
1 year ago Tenable.com

CVE-2015-5778 - CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than ...
8 years ago

CVE-2015-5777 - CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than ...
8 years ago

CVE-2013-5777 - Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different ...
3 years ago

CVE-2013-5775 - Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different ...
3 years ago