Citrix NetScaler ADC/Gateway — Active Exploitation (CVE-2026-3055)

Scope: Citrix NetScaler ADC & Gateway

Severity: Red


A critical vulnerability in Citrix NetScaler ADC and Gateway (CVE-2026-3055, CVSS 9.3), stemming from insufficient input validation, is being actively exploited in the wild. It allows unauthenticated remote attackers to steal sensitive information from appliances configured as SAML identity providers. Cybersecurity firm watchTowr confirmed that exploitation was already occurring days after Citrix issued patches on March 23, and warned that attackers can steal admin authentication session IDs, potentially enabling a full appliance takeover. Apply the Citrix security update immediately and restrict external exposure of NetScaler appliances.

The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the recommendations and apply the necessary updates.