releases.shpreview

Citrix memory disclosure and Kemp RCE blocked by WAF

2 featuresThis release2 featuresNew capabilitiesAI-tallied from the release notes
From the original release noteView original ↗

This release introduces new rules targeting critical infrastructure vulnerabilities. These include an unauthenticated memory disclosure flaw in Citrix NetScaler ADC and Gateway (CVE-2026-8451) and a high-severity pre-authentication remote code execution (RCE) vulnerability in Progress Kemp LoadMaster (CVE-2026-8037).

Key Findings

  • CVE-2026-8451: An insufficient input validation vulnerability affects Citrix NetScaler ADC and NetScaler Gateway appliances configured as a SAML Identity Provider (IdP). Remote, unauthenticated attackers can exploit this flaw by sending malformed requests to trigger a memory overread, allowing them to leak chunks of sensitive data from adjacent appliance memory.

  • CVE-2026-8037: A critical OS command injection vulnerability in Progress Kemp LoadMaster load balancers allows unauthenticated remote attackers to achieve remote code execution (RCE).

Ruleset

Rule ID

Legacy Rule ID

Description

Previous Action

New Action

Comments

Cloudflare Managed Ruleset

78826e3223b94da493a2ade876973ac4

N/A

Citrix Netscaler ADC - Insufficient Input Validation - CVE:CVE-2026-8451

Log

Block

This is a new detection.

Cloudflare Managed Ruleset

6b64d216620449fbb273d07910233f36

N/A

Progress Kemp LoadMaster - Remote Code Execution - CVE:CVE-2026-8037

Log

Block

This is a new detection.

Fetched July 14, 2026