Main Vulnerability Database Exploits ID:12525 - Exploit for Out-of-bounds read in Citrix Netscaler ADC and Citrix NetScaler Gateway - CVE-2026-3055

ID:12525 - Exploit for Out-of-bounds read in Citrix Netscaler ADC and Citrix NetScaler Gateway - CVE-2026-3055

Published: April 1, 2026

Vulnerability identifier: #VU124257

Vulnerability risk: Critical

CVE-ID: CVE-2026-3055

CWE-ID: CWE-125

Exploitation vector: Remote access

Vulnerable software:
Citrix Netscaler ADC
Citrix NetScaler Gateway

Link to public exploit:

https://github.com/fevar54/CVE-2026-3055---Citrix-NetScaler-Memory-Overread-PoC

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary condition in SAML IDP. A remote attacker can send a specially crafted request the appliance, trigger an out-of-bounds read error and read contents of memory on the system.

Successful exploitation of the vulnerability may lead to full system compromise.

Remediation

Install updates from vendor's website.

ID:12525 - Exploit for Out-of-bounds read in Citrix Netscaler ADC and Citrix NetScaler Gateway - CVE-2026-3055

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human