CISA Confirms Active Exploitation of CitrixBleed 2 Vulnerability, Orders Immediate Patching

The Cybersecurity & Infrastructure Security Agency (CISA) of the United States has confirmed the active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway. CISA has given federal agencies one day to apply the necessary patches. This vulnerability affects Citrix systems used by many organizations. It is not specified how many agencies or other entities have applied the patches in time.