<![CDATA[➡️ CVE-2026-3055 👀 👇 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300]]>➡️ CVE-2026-3055 👀
👇
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300

  • CVE-2026-3055 - Out-of-Bounds Read vulnerability - CVSSv4 base score: 9.3
    Note: Citrix NetScaler ADC or Citrix Gateway must be configured as SAML IDP to be vulnerable to CVE-2026-3055.

    • CVE-2026-4368 - Race Condition vulnerability - CVSSv4 base score: 7.7Note: Affected appliances must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP proxy) or AAA virtual server to be vulnerable CVE-2026-4368.

( -> https://cve.circl.lu/search?q=CVE-2026-3055 )

]]>https://board.circlewithadot.net/topic/1faf2bdb-c945-4543-909e-ba0858a0374e/cve-2026-3055-https-support.citrix.com-support-home-kbsearch-article-articlenumber-ctx696300RSS for NodeSat, 18 Apr 2026 01:26:05 GMTMon, 23 Mar 2026 15:48:01 GMT60<![CDATA[Reply to ➡️ CVE-2026-3055 👀 👇 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300 on Mon, 30 Mar 2026 07:26:04 GMT]]>⚠️ CVE-2026-3055 / Citrix NetScaler : la reconnaissance est en cours.

Des activités de reconnaissance ciblent déjà les appliances exposées, avec notamment des requêtes vers /cgi/GetAuthMethods pour identifier les configs exploitables, en particulier les environnements SAML IdP.
GBHackers relaie ces observations
👇
https://gbhackers.com/hackers-probe-citrix-netscaler-systems-cve-2026-3055-exploitation/

Côté exposition, ONYPHE recense plus de 18000 IP uniques sur une version vulnérable, (dont environ +800 en Suisse).
👇
https://www.linkedin.com/posts/onyphe_vulnerability-asm-attacksurfacemanagement-activity-7442250727046987776-ofYV

Le pattern rappelle clairement les précédents CitrixBleed : si du NetScaler est encore exposé, la fenêtre avant exploitation de masse pourrait être très courte.

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/decio/statuses/116316934261011231https://board.circlewithadot.net/post/https://infosec.exchange/users/decio/statuses/116316934261011231Mon, 30 Mar 2026 07:26:04 GMT<![CDATA[Reply to ➡️ CVE-2026-3055 👀 👇 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300 on Mon, 23 Mar 2026 17:05:23 GMT]]>@christopherkunz Let’s hope not,🫣 but yeah, this smells bad. Some honeypot operators have reported a noticeable rise in attacks targeting these devices over the past week and watchtwr is sounding the horn.
If the wind carries the smell…

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/decio/statuses/116279576063752506https://board.circlewithadot.net/post/https://infosec.exchange/users/decio/statuses/116279576063752506Mon, 23 Mar 2026 17:05:23 GMT<![CDATA[Reply to ➡️ CVE-2026-3055 👀 👇 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300 on Mon, 23 Mar 2026 15:52:44 GMT]]>@decio Here we go again - CitrixBleed 3?

]]>https://board.circlewithadot.net/post/https://chaos.social/users/christopherkunz/statuses/116279290421250562https://board.circlewithadot.net/post/https://chaos.social/users/christopherkunz/statuses/116279290421250562Mon, 23 Mar 2026 15:52:44 GMT