A critical severity memory vulnerability tracked as CVE-2026-3055 is being actively exploited by threat actors targeting Citrix NetScaler ADC and NetScaler Gateway appliances. The flaw allows attackers to obtain sensitive data from affected systems through memory corruption attacks.
The vulnerability has been classified as critical severity, indicating it poses significant risk to organizations running vulnerable NetScaler infrastructure. Active exploitation has been confirmed, meaning threat actors are already weaponizing this flaw in real-world attacks rather than it being a theoretical risk.