Citrix security patch release for CVE-2026-3055
Security Patch Release
Summary
Citrix's NetScaler ADC and NetScaler Gateway updates close CVE-2026-3055 and CVE-2026-4368, including a flaw that could leak sensitive memory from configured appliances. The release matters because the issues carry CVSS 9.3 and CVSS 7.7 scores and affect specific gateway and SAML IDP deployments. Customers on impacted versions are being told to apply the latest updates as soon as possible to reduce exposure.
Related Happenings
Ivanti security patch release for CVE-2026-8043
Security Patch Release
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Microsoft Exchange CVE-2026-42897 mitigation advisory
Advisory/Mitigation
First: 15.05.2026 12:40
Last: 15.05.2026 12:40
Sources 1
About this happening:
**Microsoft** issued immediate mitigation guidance for **CVE-2026-42897**, reducing risk for **Exchange Server 2016, 2019, and Subscription Edition (SE)** on-premises servers that...
Latest development: 15.05.2026 15:35
Microsoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.
Cisco security patch release for CVE-2026-20182
Security Patch Release
First: 14.05.2026 20:45
Last: 14.05.2026 20:45
Sources 1
About this happening:
Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...
Microsoft security patch release for CVE-2026-41089
Security Patch Release
First: 13.05.2026 00:46
Last: 13.05.2026 00:46
Sources 1
About this happening:
**Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...
Cisco security patch release for CVE-2026-20188
Security Patch Release
First: 06.05.2026 21:06
Last: 06.05.2026 21:06
Sources 1
About this happening:
**Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...
Timeline
- 24.03.2026 07:59 · 2 articles
Citrix releases NetScaler security updates
Mitigation Patch Update
Citrix released security updates for NetScaler ADC and NetScaler Gateway to fix CVE-2026-3055 and CVE-2026-4368, including a CVSS 9.3 memory-overread flaw that can let unauthenticated remote attackers leak sensitive appliance memory when a SAML Identity Provider (SAML IDP) profile is configured, and a CVSS 7.7 race condition that can cause user session mixup on gateway or AAA deployments. The affected builds include 14.1 before 14.1-66.59, 13.1 before 13.1-62.23, and 13.1-FIPS/13.1-NDcPP before 13.1-37.262, and customers were urged to inspect NetScaler Configuration strings and apply the latest updates as soon as possible.
Sources
- Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks — thehackernews.com — 24.03.2026 07:59
- CISA orders feds to patch actively exploited Citrix flaw by Thursday — www.bleepingcomputer.com — 31.03.2026 10:05