Tag

Netscaler

4 briefs RSS

Critical Vulnerabilities in NetScaler ADC and Gateway Allow Sensitive Data Exposure and Session Hijacking

Unauthenticated attackers can exploit CVE-2026-3055 (out-of-bounds read) to exfiltrate sensitive data from NetScaler ADC and Gateway, while CVE-2026-4368 (race condition) enables user session hijacking, necessitating immediate patching and enhanced monitoring.

exploited netscaler cve-2026-3055 cve-2026-4368 out-of-bounds read race condition memory corruption session hijacking

2r 1t 2c Apr 1, 2026

critical threat

Citrix NetScaler ADC and Gateway CVE-2026-3055 Exploitation

2 rules 3 TTPs

Threat actors are actively exploiting CVE-2026-3055, a critical memory overread vulnerability in Citrix NetScaler ADC and NetScaler Gateway appliances configured as a SAML identity provider (IDP), to extract sensitive information, including authenticated administrative session IDs, potentially leading to full system takeover.

citrix netscaler cve-2026-3055 memory-overread information-disclosure

2r 3t Mar 31, 2026

critical advisory

Citrix Systems NetScaler Vulnerabilities Allow Information Disclosure and Session Hijacking

2 rules 2 TTPs

An anonymous or authenticated remote attacker can exploit multiple vulnerabilities in Citrix Systems NetScaler to disclose information and take over a user session.

citrix netscaler vulnerability session-hijacking information-disclosure

2r 2t Mar 24, 2026

medium advisory

Citrix NetScaler ADC and Gateway Vulnerabilities

2 rules

Citrix has released a security advisory addressing multiple vulnerabilities in NetScaler ADC and NetScaler Gateway that could lead to sensitive information disclosure and user session mix-up under specific configurations.

citrix netscaler vulnerability information-disclosure

2r Mar 23, 2026