Blog Security Research Mitigating CitrixBleed 2 (CVE‑2025‑5777) NetScaler Memory Disclosure with App & API Protector Even if you patched your affected devices quickly, it’s important to check for exposure now that the proof of concept has been made public. On Friday, July 4, 2025, exploit details were publicly disclosed for a memory disclosure vulnerability affecting Citrix NetScaler ADC and Gateway devices . This is a pre-authentication flaw that allows attackers to craft malicious requests that leak uninitialized memory from affected NetScaler devices. The vulnerability was originally made known to Citrix customers on June 17, 2025, and since then research organizations have shown activity surrounding the flaw, indicators of compromise, and an exploitation proof of concept. Even if you patched your affected devices quickly, it’s important to check for exposure now that the proof of concept has been made public .…