CVE-2026-8451 affects NetScaler ADC and Gateway appliances configured as SAML identity providers, and Lupovis says exploit payloads appeared within 24 hours of disclosure. Admins should verify SAML IdP exposure, upgrade affected builds, and review SAML endpoint logs before treating the issue as routine patching.