U.S. CISA Adds Citrix NetScaler Vulnerability to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Citrix NetScaler vulnerability, listed under the number CVE-2025-6543, to its catalog of known exploited vulnerabilities (KEV). This vulnerability, assessed with a CVSS score of 9.2, is a memory overflow affecting NetScaler ADC and NetScaler Gateway when they are configured. CISA took this action to alert organizations about the potential risk of exploitation of this flaw.