Out-of-bounds read in Secure Access Client for Windows - CVE-2026-53566
Published: July 15, 2026
Secure Access Client for Windows
Detailed vulnerability description
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to out-of-bounds read in Citrix Secure Access Client for Windows when processing memory on a local system. A local user can trigger the out-of-bounds read to disclose sensitive information.
Exploitation requires standard user access on the local system, and the DNE driver must not be installed.