CVE-2026-3055 affects Citrix NetScaler ADC, NetScaler Gateway, and NetScaler ADC FIPS/NDcPP deployments configured as SAML identity providers, enabling out-of-bounds memory reads through malformed SAML requests. The vulnerability permits remote information disclosure without authentication; affected systems are estimated to number approximately 12,000 internet-facing instances based on available shodan queries as of 06 March 2026. CISA added this vulnerability to the Known Exploited Vulnerabilities catalog with confirmed active exploitation reported by multiple defensive teams. Immediate patching of SAML IDP configurations is critical for organizations operating Citrix authentication infrastructure in perimeter defense roles.