NetScaler memory overread CVE-2026-3055 mirrors CitrixBleed, exploitation imminent
by Artem Safonov
Third memory overread in NetScaler in three years. CVE-2026-3055 (CVSS 9.3) leaks session tokens from appliances configured as SAML IDP. The two predecessors, CitrixBleed and CitrixBleed2, both led to ransomware. watchTowr says exploitation is imminent.
Read more →