www.rapid7.com 3/23/2026, 9:23:18 PM · via preferred

CVE-2026-3055: Citrix NetScaler ADC and NetScaler Gateway Out-of-Bounds Read

CyberSIXT Evidence Panel
CISA KEV: Not in KEV
Patch status: Unknown

On 23 March 2026, Citrix published a security advisory for CVE-2026-3055, a critical out-of-bounds read affecting NetScaler ADC and NetScaler Gateway. The vulnerability, which has a CVSS score of 9.3, allows unauthenticated remote attackers to leak potentially sensitive information from the appliance's memory.

The advisory notes that systems configured as a SAML Identity Provider are vulnerable, while default configurations are unaffected. Organisations can check their setup by searching the NetScaler configuration for the string "add authentication samlIdPProfile". Affected versions are NetScaler ADC and NetScaler Gateway 14.1 before 14.1-66.59 and 13.1 before 13.1-62.23, and NetScaler ADC 13.1-FIPS and 13.1-NDcPP before 13.1-37.262. Cloud instances are not affected.
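The two checks described above (configuration string and build number) can be combined into one triage function. This is an added example, not code from Citrix or Rapid7; the function names, the result labels, the case-insensitive match and the sample configurations are assumptions made for illustration.

```python
import re

# First fixed build per branch/edition, as listed on the page.
FIXED = {
    ("14.1", "standard"): (66, 59),
    ("13.1", "standard"): (62, 23),
    ("13.1", "fips"): (37, 262),  # covers 13.1-FIPS and 13.1-NDcPP
}

# Matches the profile command at the start of a config line, so a line
# commented out with '#' does not count. Case-insensitive matching is an
# assumption about how the command may be written.
SAML_IDP_RE = re.compile(r"^[ \t]*add[ \t]+authentication[ \t]+samlIdPProfile\b",
                         re.IGNORECASE | re.MULTILINE)

def parse_version(version):
    """Split '14.1-66.59' into ('14.1', (66, 59)) for numeric comparison."""
    m = re.fullmatch(r"(\d+\.\d+)-(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3)))

def is_saml_idp(config_text):
    return SAML_IDP_RE.search(config_text) is not None

def assess(version, config_text, edition="standard"):
    branch, build = parse_version(version)
    fixed = FIXED.get((branch, edition))
    if fixed is None:
        return "unknown"  # branch not covered by the page's version list
    if build >= fixed:
        return "fixed"
    return "vulnerable" if is_saml_idp(config_text) else "unpatched-not-idp"

# Constructed sample configurations (not taken from a real appliance).
IDP_CONFIG = """\
add authentication samlIdPProfile example_idp -assertionConsumerServiceURL "https://sp.example.test/acs"
"""
NON_IDP_CONFIG = """\
# add authentication samlIdPProfile old_idp
add lb vserver web_vs HTTP 192.0.2.10 80
"""

if __name__ == "__main__":
    for ver, cfg, ed in [("14.1-66.58", IDP_CONFIG, "standard"),
                         ("13.1-62.9", NON_IDP_CONFIG, "standard"),
                         ("13.1-37.262", IDP_CONFIG, "fips")]:
        print(ver, ed, assess(ver, cfg, ed))
```

The edition must be passed explicitly because the FIPS/NDcPP fixed build (13.1-37.262) has a lower build number than the standard 13.1 fix (13.1-62.23), so comparing a FIPS build against the standard threshold would misreport a patched appliance as unpatched.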

As of the advisory, there was no known in-the-wild exploitation or public PoC, but exploitation is considered likely once PoC code becomes public, according to Citrix. Rapid7 recommends upgrading on an emergency basis to the fixed versions listed in the advisory to remediate CVE-2026-3055.


Article by CyberSIXT