Citrix security patch release for CVE-2026-3055
Security Patch Release
Summary
Hide ▲
Show ▼
Citrix's NetScaler ADC and NetScaler Gateway updates close CVE-2026-3055 and CVE-2026-4368, including a flaw that could leak sensitive memory from configured appliances. The release matters because the issues carry CVSS 9.3 and CVSS 7.7 scores and affect specific gateway and SAML IDP deployments. Customers on impacted versions are being told to apply the latest updates as soon as possible to reduce exposure.
Related Happenings
Citrix security patch release for CVE-2026-13474
Security Patch Release
H score35
First: 01.07.2026 06:54
Last: 01.07.2026 06:54
Sources 1
About this happening:
**Citrix** released security updates for **NetScaler ADC** and **NetScaler Gateway** to fix **six vulnerabilities** that could enable **arbitrary file reads** or **denial of servi...
Citrix security patch release for CVE-2026-13474
Security Patch ReleaseAbout this happening: **Citrix** released security updates for **NetScaler ADC** and **NetScaler Gateway** to fix **six vulnerabilities** that could enable **arbitrary file reads** or **denial of servi...
Cisco security patch release for CVE-2026-20262
Security Patch Release
H score47
First: 15.06.2026 20:12
Last: 15.06.2026 20:12
Sources 1
About this happening:
**Cisco** released **security updates** for **CVE-2026-20262** in **Catalyst SD-WAN Manager**, covering multiple release trains after the zero-day was exploited to reach **root pr...
Cisco security patch release for CVE-2026-20262
Security Patch ReleaseAbout this happening: **Cisco** released **security updates** for **CVE-2026-20262** in **Catalyst SD-WAN Manager**, covering multiple release trains after the zero-day was exploited to reach **root pr...
LiteLLM endpoint-hardening patch release (CVE-2026-42271)
Security Patch Release
H score59
First: 09.06.2026 09:26
Last: 09.06.2026 09:26
Sources 1
About this happening:
BerriAI released **LiteLLM 1.83.7**, hardening access to the vulnerable **MCP test endpoints** that accepted full server configurations. The update now requires the **PROXY_ADMIN*...
LiteLLM endpoint-hardening patch release (CVE-2026-42271)
Security Patch ReleaseAbout this happening: BerriAI released **LiteLLM 1.83.7**, hardening access to the vulnerable **MCP test endpoints** that accepted full server configurations. The update now requires the **PROXY_ADMIN*...
Check Point security patch release for CVE-2026-50751
Security Patch Release
H score48
First: 08.06.2026 16:05
Last: 08.06.2026 16:05
Sources 1
About this happening:
**Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
Check Point security patch release for CVE-2026-50751
Security Patch ReleaseAbout this happening: **Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
SolarWinds Serv-U advisory and mitigations for CVE-2026-28318
Advisory/Mitigation
H score52
First: 06.06.2026 11:14
Last: 06.06.2026 11:14
Sources 1
About this happening:
**SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...
SolarWinds Serv-U advisory and mitigations for CVE-2026-28318
Advisory/MitigationAbout this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...
Timeline
-
24.03.2026 07:59 2 articles · 3mo ago
Citrix releases NetScaler security updates
Mitigation Patch UpdateCitrix released security updates for NetScaler ADC and NetScaler Gateway to fix CVE-2026-3055 and CVE-2026-4368, including a CVSS 9.3 memory-overread flaw that can let unauthenticated remote attackers leak sensitive appliance memory when a SAML Identity Provider (SAML IDP) profile is configured, and a CVSS 7.7 race condition that can cause user session mixup on gateway or AAA deployments. The affected builds include 14.1 before 14.1-66.59, 13.1 before 13.1-62.23, and 13.1-FIPS/13.1-NDcPP before 13.1-37.262, and customers were urged to inspect NetScaler Configuration strings and apply the latest updates as soon as possible.
Show sources
- Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks — thehackernews.com — 24.03.2026 07:59
- CISA orders feds to patch actively exploited Citrix flaw by Thursday — www.bleepingcomputer.com — 31.03.2026 10:05