CISA Adds Critical Citrix NetScaler Vulnerability to Known Exploited Vulnerabilities Catalog

On July 4, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) of the United States added a critical security flaw affecting Citrix NetScaler ADC and Gateway to its catalog of known exploited vulnerabilities (KEV), confirming that the vulnerability has been exploited in the wild. The vulnerability in question is CVE-2025-5777, with a CVSS score of 9.3, and involves insufficient input validation. This vulnerability could enable attacks against businesses.