Skip to content

// #adc

2 articles

← All tags
🌐 Network

Citrix NetScaler CVE-2026-3055 Exploitation Escalates — Fortinet Confirms Large-Scale Attacks on Internet-Facing ADC

Fortinet's threat intelligence team has confirmed large-scale active exploitation of CVE-2026-3055, the Citrix NetScaler SAML IDP memory overread vulnerability (CVSSv4 9.3) patched in March. More than 65 days after the patch was available, thousands of internet-facing NetScaler ADC appliances remain unpatched and are being targeted by automated exploitation frameworks.

#citrix +7
🌐 Network

Citrix NetScaler CVE-2026-3055 Actively Exploited — CISA Orders Patch by 2 April

A critical unauthenticated memory overread vulnerability in Citrix NetScaler ADC and NetScaler Gateway is being actively exploited in the wild, with CISA adding it to the Known Exploited Vulnerabilities catalogue. Appliances configured as SAML Identity Providers are leaking sensitive memory contents including session tokens via a crafted SAML request.

#citrix +8