Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks

Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application.
The vulnerabilities are listed below –

CVE-2026-3055 (CVSS score: 9.3) – Insufficient input validation leading to memory overread
CVE-2026-4368 (CVSS score: 7.7) – Race condition leading to user