Citrix has released security updates for two vulnerabilities in NetScaler ADC and NetScaler Gateway, one of them a critical flaw that can be exploited to leak sensitive data from the appliance's memory. The flaws are CVE-2026-3055 (CVSS 9.3), a memory over-read caused by insufficient input validation, and CVE-2026-4368 (CVSS 7.7), a race condition that can mix up user sessions.
According to Rapid7, CVE-2026-3055 is an out-of-bounds read that an unauthenticated remote attacker could use to leak potentially sensitive information from the appliance's memory; exploitation requires the appliance to be configured as a SAML identity provider (IdP). Citrix notes that appliances not configured as a SAML IdP are unaffected by default. To determine exposure, customers should search the NetScaler configuration for the string "add authentication samlIdPProfile .*": any match means a SAML IdP profile is defined and the appliance is in the affected configuration.
The vulnerabilities affect NetScaler ADC and NetScaler Gateway versions 14.1 before 14.1-66.59 and 13.1 before 13.1-62.23, as well as NetScaler ADC 13.1-FIPS and 13.1-NDcPP before 13.1-37.262, and users are advised to apply the latest updates promptly.
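The two checks above (is a SAML IdP profile defined, and is the build below the fixed version) are easy to get wrong by eye across the 14.1, 13.1 and 13.1-FIPS/NDcPP lines, so here is a small POSIX shell triage helper. It is an added example, not Citrix's or Rapid7's tooling. It assumes you have a copy of the saved configuration (on the appliance it is ns.conf) and the first line of "show ns version" output; the banner format it parses ("NetScaler NS14.1: Build 66.58.nc, ...") is an assumption about that output, and the sample configuration lines and banner below are constructed for the example.

```shell
#!/bin/sh
# Added triage helper for the Citrix advisory above. Example code, not
# Citrix's or Rapid7's tooling. Assumes a local copy of ns.conf and the
# "show ns version" banner; the banner format in parse_ns_version is an
# assumption, adjust the sed pattern if your appliance prints it differently.

# Exposure check for CVE-2026-3055: returns 0 when at least one SAML IdP
# profile is defined, using the pattern the advisory tells customers to
# search for ("add authentication samlIdPProfile .*").
saml_idp_configured() {
    grep -Eq '^add authentication samlIdPProfile ' "$1"
}

# Fixed builds from the advisory. $1 is the release line, $2 the build
# (major.minor). Returns 0 if the build is below the fixed build (affected),
# 1 if at or above it, 2 if the release is not one the advisory lists.
build_is_vulnerable() {
    rel=$1; build=$2
    case "$rel" in
        14.1) fixed=66.59 ;;
        13.1) fixed=62.23 ;;
        13.1-FIPS|13.1-NDcPP) fixed=37.262 ;;
        *) return 2 ;;
    esac
    b1=${build%%.*}; b2=${build#*.}
    f1=${fixed%%.*}; f2=${fixed#*.}
    # Compare component by component as integers: "66.7" is older than "66.59".
    if [ "$b1" -lt "$f1" ]; then return 0; fi
    if [ "$b1" -eq "$f1" ] && [ "$b2" -lt "$f2" ]; then return 0; fi
    return 1
}

# Extracts "<release> <build>" from a "show ns version" banner (format assumed).
parse_ns_version() {
    printf '%s\n' "$1" |
        sed -n 's/^NetScaler NS\([0-9][0-9.]*\): Build \([0-9]*\.[0-9]*\).*/\1 \2/p'
}

# Combines both checks. $1: path to ns.conf, $2: version banner,
# $3 (optional): "FIPS" or "NDcPP" for the 13.1 common-criteria builds.
# Prints a verdict; returns 0 when the build is below the fixed build.
triage() {
    conf=$1; banner=$2; flavor=${3:-}
    set -- $(parse_ns_version "$banner")
    if [ $# -ne 2 ]; then echo "unrecognised version banner"; return 2; fi
    rel=$1; build=$2
    if [ -n "$flavor" ]; then rel="$rel-$flavor"; fi
    if build_is_vulnerable "$rel" "$build"; then
        if saml_idp_configured "$conf"; then
            echo "$rel build $build: below fixed build and SAML IdP configured, exposed to CVE-2026-3055: update now"
        else
            echo "$rel build $build: below fixed build; no SAML IdP profile, so the CVE-2026-3055 path is not exposed by default: still update"
        fi
        return 0
    fi
    echo "$rel build $build: at or above fixed build"
    return 1
}

# Constructed sample inputs for this example (not real appliance output).
SAMPLE_CONF_IDP=$(mktemp); SAMPLE_CONF_SP=$(mktemp)
trap 'rm -f "$SAMPLE_CONF_IDP" "$SAMPLE_CONF_SP"' EXIT
cat >"$SAMPLE_CONF_IDP" <<'EOF'
set ns config -IPAddress 192.0.2.10 -netmask 255.255.255.0
add authentication samlIdPProfile idp_prof -samlIdPCertName idpcert -samlSPCertName spcert -assertionConsumerServiceURL "https://sp.example.net/acs"
add authentication samlIdPPolicy idp_pol -rule true -action idp_prof
EOF
cat >"$SAMPLE_CONF_SP" <<'EOF'
set ns config -IPAddress 192.0.2.10 -netmask 255.255.255.0
add authentication samlAction sp_act -samlIdPCertName idpcert -samlRedirectUrl "https://idp.example.net/sso"
EOF
SAMPLE_BANNER='NetScaler NS14.1: Build 66.58.nc, Date: Jan 1 2026, 00:00:00   (64-bit)'

triage "$SAMPLE_CONF_IDP" "$SAMPLE_BANNER"
triage "$SAMPLE_CONF_SP" "$SAMPLE_BANNER" || :
```

On a real appliance, pass the path to your exported ns.conf and paste the first line of "show ns version" as the banner; for 13.1-FIPS or 13.1-NDcPP builds, add the flavor as the third argument, because the banner alone does not reveal which 13.1 line is installed and the fixed build differs (13.1-37.262 versus 13.1-62.23).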