Zero-Day Exploitation

Exploitation of vulnerabilities before a patch is available

What is CitrixBleed 2 (CVE-2025-5777)?

Nov 13, 2025

—

by

Reza Rafati

in Digital Espionage & Intelligence

CitrixBleed 2 (CVE-2025-5777) is a critical information-disclosure vulnerability impacting NetScaler ADC and Gateway systems, allowing unauthorized attackers to bypass MFA, hijack admin sessions, and establish unauthorized VDE sessions. This zero-day was exploited by an unnamed APT group before a patch was released.