Citrix NetScaler CVE-2026-3055 Out-of-Bounds Read Flaw Under Active Reconnaissance
Summary
A critical out-of-bounds read vulnerability (CVE-2026-3055) in Citrix NetScaler ADC and NetScaler Gateway is under active reconnaissance by threat actors. When the appliance is configured as a SAML Identity Provider, the flaw causes a memory overread that could leak sensitive information, including credentials. CISA has added the vulnerability to its KEV catalog.
Threat Analysis
CVE-2026-3055 is an out-of-bounds read vulnerability in Citrix NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway. When the affected product is configured as a SAML Identity Provider (IDP), the flaw causes a memory overread that can leak sensitive information from server memory, including authentication tokens and credentials.

Active reconnaissance has been observed, indicating that threat actors are probing for vulnerable instances in preparation for exploitation, and CISA has added CVE-2026-3055 to its Known Exploited Vulnerabilities catalog. Because Citrix NetScaler is widely deployed in enterprise environments as a critical network infrastructure component, the vulnerability is particularly impactful.

Organizations should immediately apply Citrix security patches, review SAML IDP configurations, and monitor for unusual authentication patterns or memory-related errors in NetScaler logs.
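The advisory's "review SAML IDP configurations" step comes down to one question per appliance: is this box actually acting as a SAML IdP, and therefore in the affected configuration? The script below is an added example, not Citrix's code or tooling. It walks an ns.conf export and reports whether a SAML IdP profile is reachable through a bound policy. The command forms it matches (`add authentication samlIdPProfile`, `add authentication samlIdPPolicy ... -action`, `bind authentication|vpn vserver ... -policy`) are assumed to match NetScaler's configuration syntax, and the two ns.conf excerpts are constructed samples, not real appliance exports.

```python
"""Exposure triage for CVE-2026-3055: is the appliance configured as a SAML IdP?

Added example, not Citrix code. ns.conf command syntax below is assumed; the
sample configs are constructed for this example.
"""
import re
from dataclasses import dataclass, field

# Constructed ns.conf excerpt: IdP profile -> policy -> bound to an auth vserver.
NS_CONF_IDP_BOUND = """\
set ns config -IPAddress 192.0.2.10 -netmask 255.255.255.0
add authentication samlIdPProfile idp_prof -samlIdPCertName srv_cert -assertionConsumerServiceURL "https://sp.example.com/acs"
add authentication samlIdPPolicy idp_pol -rule true -action idp_prof
add authentication vserver auth_vs SSL 192.0.2.20 443
bind authentication vserver auth_vs -policy idp_pol -priority 100
"""

# Constructed ns.conf excerpt: a leftover IdP profile that nothing references.
NS_CONF_IDP_ORPHAN = """\
set ns config -IPAddress 192.0.2.10 -netmask 255.255.255.0
add authentication samlIdPProfile old_idp_prof -samlIdPCertName srv_cert -assertionConsumerServiceURL "https://old-sp.example.com/acs"
add authentication vserver auth_vs SSL 192.0.2.20 443
"""

# Assumed NetScaler command forms; adjust if your export differs.
PROFILE_RE = re.compile(r"^add authentication samlIdPProfile (\S+)", re.I)
POLICY_RE = re.compile(r"^add authentication samlIdPPolicy (\S+)\s.*-action (\S+)", re.I)
BIND_RE = re.compile(r"^bind (?:authentication|vpn) vserver (\S+)\s.*-policy (\S+)", re.I)


@dataclass
class SamlIdpExposure:
    profiles: list = field(default_factory=list)    # defined IdP profile names
    policies: dict = field(default_factory=dict)    # policy name -> profile name
    bindings: list = field(default_factory=list)    # (vserver, policy) pairs

    @property
    def active_idp(self) -> bool:
        """True when an IdP profile is reachable through a policy bound to a vserver."""
        return any(pol in self.policies for _, pol in self.bindings)

    @property
    def unbound_profiles(self) -> list:
        """IdP profiles that no bound policy references: not active, still worth review."""
        referenced = {self.policies[pol] for _, pol in self.bindings if pol in self.policies}
        return [p for p in self.profiles if p not in referenced]


def triage(ns_conf: str) -> SamlIdpExposure:
    """Collect SAML IdP objects from an ns.conf export, one command per line."""
    result = SamlIdpExposure()
    for raw in ns_conf.splitlines():
        line = raw.strip()
        if m := PROFILE_RE.match(line):
            result.profiles.append(m.group(1))
        elif m := POLICY_RE.match(line):
            result.policies[m.group(1)] = m.group(2)
        elif m := BIND_RE.match(line):
            result.bindings.append((m.group(1), m.group(2)))
    return result


def summarize(ns_conf: str) -> str:
    """One-line verdict used to order patch and review work across a fleet."""
    e = triage(ns_conf)
    if e.active_idp:
        return f"EXPOSED: SAML IdP active via bindings {e.bindings}"
    if e.unbound_profiles:
        return f"REVIEW: unbound SAML IdP profile(s) {e.unbound_profiles}"
    return "NOT CONFIGURED AS SAML IDP"


if __name__ == "__main__":
    print(summarize(NS_CONF_IDP_BOUND))
    print(summarize(NS_CONF_IDP_ORPHAN))
```

The verdict only orders the work: appliances reporting EXPOSED are in the affected configuration and go first, while the patch still applies to every instance. Profiles that exist but are not bound are reported separately because a later binding change would put the appliance into the affected state without any new object being created.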