CVE-2026-3055

Summary

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Affected Software

VendorProductVersion RangeStatus
NetScalerADC14.1 < 66.59affected
NetScalerADC13.1 < 62.23affected
NetScalerADC13.1 FIPS and NDcPP < 37.262affected
NetScalerGateway14.1 < 66.59affected
NetScalerGateway13.1 < 62.23affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References