Am I affected by CVE-2026-3055?

NetScaler ADC/Gateway 14.1 < 14.1-66.59, 13.1 < 13.1-62.23, 13.1-FIPS/NDcPP < 13.1-37.262.

How do I fix CVE-2026-3055?

Update to 14.1-66.59, 13.1-62.23, or 13.1-37.262 respectively. CISA deadline is April 2, 2026.

Citrix NetScaler exploitation confirmed - CISA adds to KEV with April 2 deadline (CVE-2026-3055)

Q: How do I fix CVE-2026-3055?

Update to 14.1-66.59, 13.1-62.23, or 13.1-37.262 respectively. CISA deadline is April 2, 2026.

Q: What should I do about Citrix NetScaler exploitation confirmed - CISA adds to KEV with April 2 deadline (CVE-2026-3055)?

Check if you run NetScaler ADC or Gateway configured as a SAML identity provider.

vulnerability

CVE-2026-3055

2026-03-30

Citrix NetScaler exploitation confirmed - CISA adds to KEV with April 2 deadline (CVE-2026-3055)

The Citrix NetScaler flaw we reported under active recon two days ago has escalated fast. Attackers are now sending crafted SAMLRequest payloads that trigger memory leaks exposing sensitive data through session cookies. CISA added CVE-2026-3055 to the Known Exploited Vulnerabilities catalog on March 30 with an unusually tight April 2 remediation deadline - just three days for federal agencies.

Check: Check if you run NetScaler ADC or Gateway configured as a SAML identity provider.
Affected: NetScaler ADC/Gateway 14.1 < 14.1-66.59, 13.1 < 13.1-62.23, 13.1-FIPS/NDcPP < 13.1-37.262.
Fix: Update to 14.1-66.59, 13.1-62.23, or 13.1-37.262 respectively. CISA deadline is April 2, 2026.