CISA Confirms Active Exploitation of CitrixBleed 2 Vulnerability, Orders Immediate Patching

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed the active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway. CISA has given federal agencies one day to apply the necessary patches. The vulnerability affects Citrix NetScaler ADC and Gateway products, and its active exploitation has been confirmed by the agency.