This release introduces new rules targeting critical infrastructure vulnerabilities. These include an unauthenticated memory disclosure flaw in Citrix NetScaler ADC and Gateway (CVE-2026-8451) and a high-severity pre-authentication remote code execution (RCE) vulnerability in Progress Kemp LoadMaster (CVE-2026-8037).
Key Findings
-
CVE-2026-8451: An insufficient input validation vulnerability affects Citrix NetScaler ADC and NetScaler Gateway appliances configured as a SAML Identity Provider (IdP). Remote, unauthenticated attackers can exploit this flaw by sending malformed requests to trigger a memory overread, allowing them to leak chunks of sensitive data from adjacent appliance memory.
-
CVE-2026-8037: A critical OS command injection vulnerability in Progress Kemp LoadMaster load balancers allows unauthenticated remote attackers to achieve remote code execution (RCE).
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | 78826e3223b94da493a2ade876973ac4 | N/A | Citrix Netscaler ADC – Insufficient Input Validation – CVE:CVE-2026-8451 | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | 6b64d216620449fbb273d07910233f36 | N/A | Progress Kemp LoadMaster – Remote Code Execution – CVE:CVE-2026-8037 | Log | Block | This is a new detection. |
Source: Cloudflare
Latest Posts
- WAF – WAF Release – 2026-07-14

- AWS Partner Central subsidiary connections now support qualification sharing

- Amazon DocumentDB (with MongoDB compatibility) adds support for 46 new MongoDB operators in version 8.0.1

- MC1309743: Viva Engage Stops Email Notifications for Frontline Users Without Exchange Mailboxes




