What is CVE-2026-3055?
Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway), and NetScaler ADC FIPS and NDcPP contain an out-of-bounds read vulnerability when configured as a SAML IDP, leading to memory overread.
CISA Known Exploited Vulnerability
Citrix NetScaler Out-of-Bounds Read Vulnerability
Affected product
Citrix NetScaler
Remediation Steps
- Identify all Citrix NetScaler ADC and Gateway deployments in your infrastructure
- Apply the Citrix security patches that address the memory overread vulnerability
- Restrict access to NetScaler management interfaces via IP whitelisting
- Enable input validation and WAF rules on gateway endpoints
- Monitor for suspicious memory access patterns and connection spikes
References
Coverage on defend.network
- Vulnerability Priority Report – Week 5 of March 2026 (March 30 – April 5)
- Citrix exploited; Axios npm RAT supply-chain; OpenAI data theft (2026-03-31)
- FBI Director email breached; Citrix & F5 zero-days exploited (2026-03-30)
- Iran breaches FBI Director email; Citrix & F5 zero-days unpatched (2026-03-29)
🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.