The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday incorporated a vital security defect affecting Citrix NetScaler ADC and Gateway into its Known Exploited Vulnerabilities (KEV) catalog, officially acknowledging that the flaw is being exploited in real-world scenarios.
The deficiency in focus is CVE-2025-5777 (CVSS score: 9.3), a case of inadequate input validation that