CVE-2026-3055

Overview

NetScaler
ADC

23 Mar 2026

Published

24 Mar 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

0.02%

MITRE

KEV

Description

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Statistics

8 Posts
3 Interactions

Last activity: 4 hours ago

Fediverse

CyberNetsecIO @netsecio

📰 Citrix Scrambles to Patch Critical 'CitrixBleed'-like Flaw in NetScaler Products

⚠️ Critical Citrix NetScaler flaw CVE-2026-3055 (CVSS 9.3) allows data theft, drawing comparisons to CitrixBleed. Unauthenticated attackers can read sensitive memory. Patch immediately! #Citrix #NetScaler #CyberSecurity #CVE

🔗 https://cyber.netsecops.io/articles/critical-citrix-netscaler-flaw-cve-2026-3055-exposes-sensitive-data/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

0
0
0
10h ago

Sam Stepanyan :verified: 🐘 @securestep9

#Citrix Urges Patching Critical NetScaler Vulnerabilities CVE-2026-3055 & CVE-2026-4368 Allowing Unauthenticated Data Leaks. This looks like another incarnation of #CitrixBleed!

Defenders need to act quickly. Patch Now!
👇
https://thehackernews.com/2026/03/citrix-urges-patching-critical.html

0
1
1
15h ago

Bluesky

Undercode Testing @undercode.bsky.social

Critical NetScaler Flaw Exposes Enterprise Networks: CVE-2026-3055 Enables Memory Leak & Session Hijacking + Video Introduction: NetScaler ADC (Application Delivery Controller) and Gateway serve as the backbone for application traffic management, load balancing, and secure remote access in…

1
0
0
20h ago

Help Net Security @helpnetsecurity.com

Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055) 📖 Read more: www.helpnetsecurity.com/2026/03/24/n... #cybersecurity #cybersecuritynews #vulnerability @rapid7.com

0
0
0
14h ago

キタきつね @kitafox.bsky.social

NetScaler ADCおよびゲートウェイの重大な脆弱性が悪用される可能性あり（CVE-2026-3055） Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055) #HelpNetSecurity (Mar 24) www.helpnetsecurity.com/2026/03/24/n...

0
0
0
4h ago

Undercode Testing @undercode.bsky.social

Critical NetScaler Flaws Expose Enterprise Networks: Immediate Patching Required for CVE-2026-3055 and CVE-2026-4368 + Video Introduction: NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway serve as critical infrastructure components, acting as the front door for application delivery, VPN…

1
0
0
10h ago

Modat @modat-io.bsky.social

Citrix fixed CVE-2026-3055 (9.3) & CVE-2026-4368 (7.7) in NetScaler ADC/Gateway. A memory overread may leak data and a race condition can cause session mix-up. Check - (SAML IdP / Gateway / AAA). Query: product="Citrix Gateway" OR product="Citrix ADC" OR web.title~"NetScaler Gateway" tag!=honeypot

0
0
0
11h ago

CVE-2026-21992

Overview

Oracle Corporation
Oracle Identity Manager

20 Mar 2026

Published

24 Mar 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.04%

MITRE

KEV

Description

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) and Oracle Web Services Manager product of Oracle Fusion Middleware (component: Web Services Security). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Identity Manager and Oracle Web Services Manager. Successful attacks of this vulnerability can result in takeover of Oracle Identity Manager and Oracle Web Services Manager. Note: Oracle Web Services Manager is installed with an Oracle Fusion Middleware Infrastructure. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Statistics

4 Posts

Last activity: 11 hours ago

Fediverse

Jeff Hall - PCIGuru :verified: @jbhall56

CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild. https://www.securityweek.com/oracle-releases-emergency-patch-for-critical-identity-manager-vulnerability/

0
0
1
16h ago

Bluesky

Cybersecurity News Everyday @hendryadrian.bsky.social

Oracle releases urgent patch for CVE-2026-21992, a critical unauthenticated remote code execution flaw in Oracle Identity Manager 12.2.1.4.0 exploitable via HTTP. #OraclePatch #RemoteCodeExec #USA

0
0
0
16h ago

CyberVeille @cyberveille-ch.bsky.social

📢 Oracle alerte sur CVE-2026-21992 : RCE critique sans authentification dans Fusion Middleware 📝 ## 🔔 Contexte Oracle a publié le 19 mars… https://cyberveille.ch/posts/2026-03-24-oracle-alerte-sur-cve-2026-21992-rce-critique-sans-authentification-dans-fusion-middleware/ #CVE_2026_21992 #Cyberveille

0
0
0
11h ago

CVE-2025-43520

Overview

Apple
macOS

12 Dec 2025

Published

23 Mar 2026

Updated

CVSS

Pending

EPSS

0.48%

MITRE

KEV

Description

A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory.

Statistics

9 Posts
14 Interactions

Last activity: 14 hours ago

Fediverse

Francesco Marini @fmarini

There has been a lot of sloppy reporting regarding DarkSword, with basically every news outlet saying that iOS 18 is vulnerable. It’s not, if you have the latest 18.7.3.

Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

#iOS #DarkSword

4
3
0
19h ago

JJTech @jjtech

Unfortunately it looks like CVE-2025-43520 was patched in iOS 26.1b4, the exact build I happened to leave my test device on...

I might play around with it on my Mac or in one of the new iOS pccvre VMs though.

1
1
0
14h ago

Francesco Marini @fmarini

@peternlewis sloppy reporting, as usual.

Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

0
5
6
19h ago

CVE-2026-4368

Overview

NetScaler
ADC

23 Mar 2026

Published

24 Mar 2026

Updated

CVSS v4.0

HIGH (7.7)

EPSS

0.02%

MITRE

KEV

Description

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup

Statistics

4 Posts
2 Interactions

Last activity: 10 hours ago

Fediverse

Sam Stepanyan :verified: 🐘 @securestep9

#Citrix Urges Patching Critical NetScaler Vulnerabilities CVE-2026-3055 & CVE-2026-4368 Allowing Unauthenticated Data Leaks. This looks like another incarnation of #CitrixBleed!

Defenders need to act quickly. Patch Now!
👇
https://thehackernews.com/2026/03/citrix-urges-patching-critical.html

0
1
1
15h ago

Bluesky

Undercode Testing @undercode.bsky.social

Critical NetScaler Flaws Expose Enterprise Networks: Immediate Patching Required for CVE-2026-3055 and CVE-2026-4368 + Video Introduction: NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway serve as critical infrastructure components, acting as the front door for application delivery, VPN…

1
0
0
10h ago

Modat @modat-io.bsky.social

Citrix fixed CVE-2026-3055 (9.3) & CVE-2026-4368 (7.7) in NetScaler ADC/Gateway. A memory overread may leak data and a race condition can cause session mix-up. Check - (SAML IdP / Gateway / AAA). Query: product="Citrix Gateway" OR product="Citrix ADC" OR web.title~"NetScaler Gateway" tag!=honeypot

0
0
0
11h ago

CVE-2026-3888

Overview

snapd

17 Mar 2026

Published

18 Mar 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

0.00%

MITRE

KEV

Description

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

Statistics

1 Post
9 Interactions

Last activity: 8 hours ago

Fediverse

knoppix @knoppix95

A new Ubuntu vulnerability (CVE-2026-3888) allows local users to escalate privileges to root via a timing-based exploit in Ubuntu Desktop 24.04 and newer. ⏱️
The flaw affects systems using older versions of snapd and requires immediate patching. 🔐

🔗 https://www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/

#TechNews #Ubuntu #Linux #SecurityFlaw #CVE #PrivilegeEscalation #RootAccess #Cybersecurity #LinuxSecurity #PatchNow #Snap #SystemVulnerabilities #DataProtection #TechUpdates #Privacy #OpenSource #Canonical

3
6
0
8h ago

CVE-2026-27210

Overview

mpetroff
pannellum

21 Feb 2026

Published

25 Feb 2026

Updated

CVSS v4.0

MEDIUM (5.3)

EPSS

0.03%

MITRE

KEV

Description

Pannellum is a lightweight, free, and open source panorama viewer for the web. In versions 3.5.0 through 2.5.6, the hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hosting the standalone viewer HTML file and any other use of untrusted JSON config files (bypassing the protections of the escapeHTML parameter). As certain events fire without any additional user interaction, visiting a standalone viewer URL that points to a malicious config file — without additional user interaction — is sufficient to trigger the vulnerability and execute arbitrary JavaScript code, which can, for example, replace the contents of the page with arbitrary content and make it appear to be hosted by the website hosting the standalone viewer HTML file. This issue has been fixed in version 2.5.7. To workaround, setting the Content-Security-Policy header to script-src-attr 'none' will block execution of inline event handlers, mitigating this vulnerability. Don't host pannellum.htm on a domain that shares cookies with user authentication to mitigate XSS risk.

Statistics

1 Post
7 Interactions

Last activity: 13 hours ago

Fediverse

Infoblox Threat Intel @InfobloxThreatIntel

Dios mio! While researching a particular type of Colombian folk music, we stumbled across a .edu domain selling... accordions? Our first thought was potentially domain hijacking, but it appears to be more likely an exploitation of CVE-2026-27210 (TLDR; cross-site scripting). While the vulnerability has been patched in the plugin itself, not all pages have updated their plugins, and search engines have already indexed the poisoned pages! Pivoting led to 50+ additional domains found spread across three risky TLDs: .sbs, .pics, and .shop. The domains on .sbs and .pics appear to be config servers to exploit the vulnerability; the domains on .shop are the landing pages where victims can be scammed.

IOCs:
000o[.]sbs,0pen[.]sbs,123buys[.]shop,123me[.]shop,1bg[.]pics,1ki[.]pics,1mage[.]sbs,1ql[.]pics,1ty[.]pics,1vi[.]pics,1wr[.]pics,2ty[.]pics,569oagri[.]shop,66buys[.]shop,6ip[.]pics,6ym[.]pics,7rt[.]pics,8pi[.]pics,99buys[.]shop,99i[.]pics,9gwe[.]shop,a25n[.]shop,bk2[.]pics,bk59t[.]shop,buysok[.]shop,c68k[.]shop,cc1[.]pics,doo[.]pics,ep7[.]pics,estore-1[.]com,g9gvv[.]sbs,gaer896[.]shop,gm5[.]pics,gosok[.]shop,gt3[.]pics,h66p[.]shop,hh6[.]pics,iilvw[.]sbs,im9[.]pics,img1[.]sbs,in6[.]pics,jj3[.]pics,kk9[.]pics,lilil[.]sbs,llvvw[.]sbs,m66p6[.]shop,mebuys[.]shop,mg6[.]pics,mh8f6k[.]shop,mkk[.]pics,ms1[.]pics,nn6[.]pics,onsgs[.]com,p6[.]pics,p888p[.]shop,pan1[.]top,pic1[.]sbs,pic2[.]sbs,pt11[.]sbs,py3y[.]com,qq1[.]pics,rey89p[.]shop,shop56[.]shop,t88t8[.]shop,tp1[.]pics,tp9[.]pics,trues[.]sbs,up9[.]pics,upimg[.]sbs,uu2[.]pics,vt5[.]pics,vteyu[.]shop,vvf1[.]sbs,vvp1[.]sbs,w2w[.]pics,w88p[.]shop,wp59q[.]shop,wvlll[.]sbs,wvv1[.]sbs,wvvvv[.]sbs,x2p[.]pics,xyaer548[.]shop,yi1[.]pics

#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #seo_poisoning #seopoisoning

2
5
0
13h ago

CVE-2025-14819

Overview

curl
curl

08 Jan 2026

Published

08 Jan 2026

Updated

CVSS

Pending

EPSS

0.04%

MITRE

KEV

Description

When doing TLS related transfers with reused easy or multi handles and altering the `CURLSSLOPT_NO_PARTIALCHAIN` option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcurl find and accept a trust chain that it otherwise would not.

Statistics

2 Posts
2 Interactions

Last activity: 17 hours ago

Fediverse

Deskmodder @Deskmodder

Notepad++ 8.9.3 mit einigen Korrekturen und einer berbesserten SIcherheit für cURL (CVE-2025-14819)

https://www.deskmodder.de/blog/2026/03/24/notepad-8-9-3-mit-einigen-korrekturen-und-einer-berbesserten-sicherheit-fuer-curl-cve-2025-14819/

2
0
1
17h ago

CVE-2025-55182

Overview

Meta
react-server-dom-webpack

03 Dec 2025

Published

26 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

65.08%

MITRE

KEV

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

1 Post
2 Interactions

Last activity: 21 hours ago

Fediverse

David Bushell 🪿 @db

"These two environments only communicate through serialized messages, which allows safe execution of AI-generated code and makes the sandbox a good fit for inline UI produced by chat agents."

https://arrow-js.com/#sandbox

hmm yes serialization that's bulletproof *cough* CVE-2025-55182 *cough*

(at least they're not pretending to review code anymore)

0
2
0
21h ago

CVE-2026-28373

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

2 Posts
1 Interaction

Last activity: 13 hours ago

Fediverse

MrTuxracer @MrTuxracer

Turning an encrypted backup into Remote Code Execution in Stackfield’s desktop app (CVE-2026-28373).

#security

https://www.rcesecurity.com/2026/03/stackfield-desktop-app-rce-via-path-traversal-and-arbitrary-file-write-cve-2026-28373/

0
1
1
13h ago

CVE-2025-41660

Overview

CODESYS
CODESYS Control RTE (SL)

24 Mar 2026

Published

24 Mar 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.21%

MITRE

KEV

Description

A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution.

Statistics

1 Post

Last activity: 20 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-011
CODESYS Control V3 - Untrusted boot application

The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups. While only the privileged Administrators and Developer groups are intended to load or debug applications on the controller, users in the restricted Service group are allowed to perform maintenance operations, including explicitly replacing the boot application.
#CVE CVE-2025-41660

https://certvde.com/en/advisories/vde-2026-011/

#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-02_vde-2026-011.json

0
0
0
20h ago