CVE-2026-3055 is a critical out-of-bounds memory read (CWE-125, CWE-119) in Citrix NetScaler ADC and NetScaler Gateway with a reported CVSS of 9.3 and an EPSS score in the 97.5th percentile, indicating very high exploitation likelihood. Active attacker reconnaissance is confirmed by CrowdSec and multiple security sources, though CISA KEV status and authoritative affected version ranges remain unverified from NVD and the official Citrix Security Bulletin at time of analysis — verify directly at https://nvd.nist.gov/vuln/detail/CVE-2026-3055 and support.citrix.com before patching. Immediate action: restrict NetScaler management interface access to trusted IP ranges, monitor NSLOG and HTTPERROR logs for anomalous request patterns, and apply the Citrix patch as soon as the vendor advisory confirms a fixed build for your deployment.