Citrix has patched a critical memory overflow flaw (CVE-2025-6543, CVSS 9.2) in NetScaler ADC and Gateway, which has been actively exploited in the wild. The vulnerability affects systems configured as Gateways or AAA virtual servers and can lead to denial-of-service or unintended control flow. Citrix urges immediate updates, as no workarounds exist and thousands of instances remain exposed.