Back to Live Pulse

Critical

Netscaler application delivery controller

Out-of-bounds Read

CVE-2026-3055

Description

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Proof of Concept (POC) Links

Explore how this vulnerability can be reproduced or exploited.

https://labs.watchtowr.com/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3055