CVE-2026-3055: Citrix NetScaler ADC and NetScaler Gateway Out-of-Bounds Read

Overview On March 23, 2026, Citrix published a security advisory for a critical vulnerability affecting their NetScaler ADC formerly Citrix ADC and NetScaler Gateway formerly Citrix Gateway products. This vulnerability, CVE-2026-3055, which is classified as an out-of-bounds read and holds a CVSS...

PT-2025-25649 · Citrix · Netscaler Console +1

Name of the Vulnerable Software and Affected Versions: NetScaler Console and NetScaler SDX SVM affected versions not specified Description: A security issue has been identified, allowing for arbitrary file read. This affects customer-managed environments. Recommendations: At the moment, there is ...

June 11, 2024—KB5039236 (OS Build 25398.950)

June 11, 2024—KB5039236 OS Build 25398.950 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2024-5491 and CVE-2024-5492

Description of Problem Two vulnerabilities have been discovered in NetScaler ADC formerly Citrix ADC and NetScaler Gateway formerly Citrix Gateway. Refer to below for further details: Affected Versions The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the...

June 20, 2024—KB5041054 (OS Build 20348.2529) Out-of-band

June 20, 2024—KB5041054 OS Build 20348.2529 Out-of-band For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to fin...

Impact of HTTP/2 CONTINUATION frames being utilized for DoS attacks on Cloud Software Group Products

Cloud Software Group is aware of the reports describing HTTP/2 CONTINUATION frames being utilized for DoS attacks. HTTP/2 CONTINUATION frames can be utilized for DoS attacks HTTP/2 CONTINUATION Flood Cloud Software Group continues to investigate any potential impact on Cloud Software Group-manage...

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967

Multiple vulnerabilities have been discovered in NetScaler ADC formerly Citrix ADC and NetScaler Gateway formerly Citrix Gateway. Affected Versions: The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the vulnerabilities: NetScaler ADC and NetScaler...

Citrix Content Collaboration ShareFile Improper Access Control Vulnerability

Citrix Content Collaboration contains an improper access control vulnerability that could allow an unauthenticated attacker to remotely compromise customer-managed ShareFile storage zones controllers...

VulnCheck KEV: CVE-2023-24489

Citrix Content Collaboration contains an improper access control vulnerability that could allow an unauthenticated attacker to remotely compromise customer-managed ShareFile storage zones controllers...

CVE-2023-24489

A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller...

Design/Logic Flaw

A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller...

Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516

Vulnerabilities have been discovered in Citrix Gateway and Citrix ADC, listed below. Note that only appliances that are operating as a Gateway SSL VPN, ICA Proxy, CVPN, RDP Proxy are affected by the first issue, which is rated as a Critical severity vulnerability. CVE-ID| Description| CWE| Affect...

Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27509

A vulnerability has been discovered in Citrix ADC and Citrix Gateway which enables an attacker to create a specially crafted URL that redirects to a malicious website. This vulnerability has the following identifier: CVE-ID| Description| CWE| Pre-conditions ---|---|---|--- CVE-2022-27509|...

Citrix Security Advisory for CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832.

Citrix is aware offourvulnerabilitiesaffectingApache Log4j2, threeof whichmayallowan attackertoexecute arbitrary code. Thesethreevulnerabilitieshavebeen given the followingidentifiers: CVE-2021-44228 CVE-2021-45046 CVE-2021-44832 Thefourthvulnerabilitymay allowan attackertocause a denial of...

Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP Edition appliance Security Update

Vulnerabilities have been discovered in Citrix ADCformerlyknown asNetScaler ADC,Citrix Gateway formerlyknown asNetScaler Gateway,and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO.These vulnerabilities,if exploited,could result in the following security issues: CVE-ID|...

Citrix ShareFile storage zones Controller multiple security updates

Description of Problem Security issues have been identified in customer-managed Citrix ShareFile storage zone controllers. These vulnerabilities, if exploited, would allow an unauthenticated attacker to compromise the storage zones controller potentially giving an attacker the ability to access...