CRITICALCVE-2026-3055Published Modified CNA NetScaler
CVE-2026-3055: Insufficient input validation leading to memory overread
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread
Metrics
- CVSS v4.0
- 9.3
- Severity
- CRITICAL
- Fixed in
- 37.262
- Affected Products
- 2
Fix available
37.26262.2366.59
Affected packages
- NetScaler / ADC< 66.59 (from 14.1) · < 62.23 (from 13.1) · < 37.262 (from 13.1 FIPS and NDcPP)
- NetScaler / Gateway< 66.59 (from 14.1) · < 62.23 (from 13.1)
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:LReferences