XenServer Security Update for CVE-2026-42491

XenServer Security Update for CVE-2026-42491

Article Record Type : Security Bulletin

Article Id : CTX696811

Last Modified Date : 07-14-2026 12:12

Created Date : 07-10-2026 10:48

Severity : Medium

Description of Problem

An issue has been identified in the XenServer management API SDK that may allow an attacker on the management network who is able to intercept specific HTTPS requests within a higher-level operation to be able to act with the privileges of the intercepted administrator.  This issue affects the XenCenter management agent together with third-party PowerShell and C# SDK clients.

This issue has the following identifier:

  • CVE-2026-42491 

Affected Versions

This issue affects XenCenter versions before 2026.4.0 and, for PowerShell and C# clients only, SDK versions before 26.15.0.  As the issue is in the client-side (XenCenter and SDK) code, it is independent of the version of XenServer that is in use.

Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows Security Bulletin for CVE-2026-53565 and CVE-2026-53566

Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows Security Bulletin for CVE-2026-53565 and CVE-2026-53566

Article Id : CTX696734

Last Modified Date : 07-14-2026 11:51

Created Date : 07-14-2026 13:00

Article Record Type : Security Bulletin

Severity : High

Description of Problem

Vulnerabilities have been discovered in the Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client. Refer to the information below for further details: 

Affected Versions:

The following supported versions of Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows are affected by CVE-2026-53565:

  • Citrix Secure Access Client for Windows versions BEFORE 26.6.1.20
  • Citrix Endpoint Analysis Client for Windows versions BEFORE 26.5.1.7

The following supported versions of Citrix Secure Access Client for Windows are affected by CVE-2026-53566:

  • Citrix Secure Access Client for Windows versions BEFORE 26.6.1.20

Details

Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows contain the vulnerabilities mentioned below

CVE-IDDescription Affected ProductsPre-conditionsCWECVSSv4
CVE-2026-53565Local Privilege escalation allows a low-privileged user to gain SYSTEM privilegesCitrix Secure Access Client for Windows 
AND 
Citrix Endpoint Analysis Client for Windows
Standard user access on local systemCWE-269: Improper Privilege Management  CVSS v4.0 Base Score: 8.5(CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)
CVE-2026-53566Out-of-bounds memory readCitrix Secure Access Client for WindowsStandard user access on local system and DNE driver is not installedCWE-125: Out-of-bounds ReadCVSS v4.0 Base Score: 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N 

What Customers Should Do

Cloud Software Group strongly urges customers of Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client  to install the relevant updated versions as soon as possible: 

  • Citrix Secure Access Client for Windows 26.6.1.20 and later releases
  • Citrix Endpoint Analysis Client for Windows 26.5.1.7 and later releases

Steps to determine if an appliance meets the CVE preconditions

CVE-2026-53566:
Customers can determine if the DNE driver is not installed by referring to the following documentation: https://docs.netscaler.com/en-us/netscaler-gateway/current-release/vpn-user-config/select-gateway-plugin-for-users.html#completely-skip-the-dne-installation