CVE-2026-3055
Insufficient input validation leading to memory overread
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
7th
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread
| CWE | CWE-125 |
| Vendor | netscaler |
| Product | adc |
| Published | Mar 23, 2026 |
| Last Updated | Mar 31, 2026 |
⚠️ Actively Exploited — Act Now
Get instant alerts for netscaler adc
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2026-3055.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
NetScaler / ADC
14.1 < 66.59 13.1 < 62.23 13.1 FIPS and NDcPP < 37.262
NetScaler / Gateway
14.1 < 66.59 13.1 < 62.23
References
support.citrix.com: https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300 labs.watchtowr.com: https://labs.watchtowr.com/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/ cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055