A critical out-of-bounds memory read vulnerability (CVE-2026-3055, CVSS 9.3) has been disclosed in Citrix NetScaler ADC and NetScaler Gateway, affecting deployments configured as SAML Identity Providers. Security experts are drawing comparisons to the widely exploited CitrixBleed (2023) and CitrixBleed2 (2025) vulnerabilities, warning that exploitation could begin quickly once proof-of-concept code surfaces. Fixes are available in specific NetScaler versions. Beyond patching, security teams are advised to terminate active sessions post-patch, audit SAML IdP configurations using the string 'add authentication samlIdPProfile', review access paths for anomalous activity, and validate remediation from an external vantage point. Citrix-managed cloud services have already been updated; on-premises customers must apply patches themselves.
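One way to carry out the configuration audit the summary recommends, as an added example that is not from the article or from Citrix: a small Python check that scans a saved NetScaler configuration for `add authentication samlIdPProfile` lines and reports the profile names, so a defender can tell quickly whether an appliance is in the affected SAML IdP role. The sample configuration is constructed; the `samlAction` line and the attribute names on each line are assumptions about the CLI shape, not taken from the page.

```python
import re
from typing import List

# Constructed sample of a saved NetScaler configuration (ns.conf style).
# Not from any real appliance. Only the 'add authentication samlIdPProfile'
# command comes from the advisory summary; the SP-side 'samlAction' line and
# the attributes are assumptions added for illustration.
SAMPLE_NS_CONF = """\
set ns config -IPAddress 192.0.2.10 -netmask 255.255.255.0
add authentication samlAction sp_to_external_idp -samlIdPCertName ext_cert
add authentication samlIdPProfile idp_corp_apps -samlIdPCertName ns_sign_cert
add authentication samlIdPProfile idp_partner_portal -samlIdPCertName ns_sign_cert
# add authentication samlIdPProfile idp_retired -samlIdPCertName old_cert
bind authentication vserver auth_vs -policy idp_corp_apps_pol
"""

# NetScaler CLI keywords are matched case-insensitively so that a differently
# cased export is still caught; the profile name is the first token after the command.
IDP_PROFILE_RE = re.compile(r"^add authentication samlIdPProfile\s+(\S+)", re.IGNORECASE)


def saml_idp_profiles(config_text: str) -> List[str]:
    """Return the names of SAML IdP profiles defined in a NetScaler config.

    Only lines that begin with the 'add authentication samlIdPProfile'
    command count. Blank lines and '#' comments are skipped, so a
    commented-out profile is not reported as live configuration.
    """
    names = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = IDP_PROFILE_RE.match(line)
        if match:
            names.append(match.group(1))
    return names


def configured_as_saml_idp(config_text: str) -> bool:
    """True when at least one SAML IdP profile exists, i.e. the appliance is
    in the role the advisory describes as affected (SP-only SAML does not count)."""
    return bool(saml_idp_profiles(config_text))


if __name__ == "__main__":
    for name in saml_idp_profiles(SAMPLE_NS_CONF):
        print("SAML IdP profile found:", name)
    print("configured as SAML IdP:", configured_as_saml_idp(SAMPLE_NS_CONF))
```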

From itsecurityguru.org