Citrix NetScaler CVE-2026-3055: Another High-Severity Alert for Gateway Infrastructure
Citrix has issued a security bulletin for CVE-2026-3055, a high-severity vulnerability affecting NetScaler ADC and NetScaler Gateway. Citrix says the issue impacts appliances configured as a SAML Identity Provider, and the security update applies to several supported release trains. The vendor bulletin identifies the flaw as serious enough to require immediate remediation in exposed environments.
The risk around this bug escalated further when CISA added CVE-2026-3055 to the Known Exploited Vulnerabilities catalog, indicating evidence of active exploitation. External reporting on the patch rollout said the flaw carries a CVSS score of 9.3 and resembles the pattern defenders have seen in past NetScaler crises, where attackers moved quickly from disclosure to exploitation. That is especially concerning because NetScaler devices often sit in high-value authentication and remote access paths.
This is exactly the kind of bug that keeps security leaders awake because it lives close to identity, access, and perimeter trust. If your organization depends on NetScaler for remote access or federation, patching cannot wait for the next maintenance window. Review exposure, update to fixed builds, and consider incident response triage for any device that remained internet-accessible after public disclosure. Citrix infrastructure has been a repeat target over the past few years, and attackers clearly still see it as fertile ground.