By Divya
Publication Date: 2026-03-24 05:13:00
Cloud Software Group has published a critical security bulletin addressing two significant vulnerabilities in customer-managed NetScaler ADC and NetScaler Gateway deployments.
These flaws, tracked as CVE-2026-3055 and CVE-2026-4368, could allow attackers to extract sensitive data from memory or to gain unauthorized access to sessions.
System administrators are strongly urged to apply the available security updates immediately to protect their network infrastructure.
Critical Memory Overread Flaw
The more severe of the two vulnerabilities, CVE-2026-3055, carries a critical CVSS v4.0 base score of 9.3.
Discovered internally during routine security reviews, this flaw involves insufficient input validation, leading to an out-of-bounds memory read.
An attacker exploiting this weakness could access sensitive information stored in the appliance’s memory.
To be vulnerable to this specific attack, the NetScaler ADC or Gateway appliance must be configured as a Security…