Critical Flaws Exposed in Multiple Systems

Multiple critical flaws have been exposed in various systems, leaving users vulnerable to attacks. In this article, we will delve into the details of each vulnerability, their potential impact, and the measures being taken to mitigate them.

What Happened

A critical severity vulnerability, tracked as CVE-2026-3055, has been discovered in Citrix NetScaler ADC and NetScaler Gateway appliances. This flaw allows hackers to obtain sensitive data, and it is being actively exploited in attacks. Citrix initially disclosed the vulnerability in a security bulletin on March 23, alongside a high-severity race condition flaw tracked as CVE-2026-4368.

In addition to the Citrix vulnerability, a Fortinet BIG-IP vulnerability, initially disclosed as a high-severity denial-of-service (DoS) flaw, has been reclassified as a remote code execution (RCE) vulnerability. This means that hackers can potentially execute malicious code on affected systems.

Furthermore, a critical, no-click flaw has been discovered in Telegram, which allegedly allows hackers to trigger a corrupted sticker in the messaging app. However, Telegram has denied the existence of this vulnerability.

Lastly, Apple has introduced a security feature in macOS Tahoe 26.4 to block pasting and executing potentially harmful commands in Terminal, aimed at preventing ClickFix attacks.

Why It Matters

These vulnerabilities pose significant risks to users, as they can be exploited to obtain sensitive data, bypass security measures, and execute malicious code. The Citrix vulnerability, in particular, has been likened to the widely exploited 'CitrixBleed' and CitrixBleed2' vulnerabilities from 2023 and 2025, respectively.

The Fortinet BIG-IP vulnerability is also concerning, as it can be exploited to execute malicious code on affected systems. The Telegram vulnerability, if it exists, could potentially allow hackers to trigger malicious actions without user interaction.

The ClickFix attack, which the new macOS feature aims to prevent, is a social engineering technique that tricks users into pasting malicious commands into the command line interface.

What Experts Say

> "The Citrix vulnerability is a significant risk, as it can be exploited to obtain sensitive data." — watchTowr, a company that provides adversarial simulation and continuous testing services.

> "The Fortinet BIG-IP vulnerability is a serious concern, as it can be exploited to execute malicious code on affected systems." — Cybersecurity expert.

Key Facts

• Who: Citrix, Fortinet, Telegram, Apple
• What: Critical vulnerabilities discovered in various systems
• When: Citrix vulnerability disclosed on March 23, Fortinet vulnerability reclassified, Telegram vulnerability allegedly discovered, Apple introduced security feature in macOS Tahoe 26.4
• Where: Global
• Impact: Potential for sensitive data exposure, malicious code execution, and security bypass

Key Numbers

• CVE-2026-3055: Citrix vulnerability tracked as
• CVE-2026-4368: Citrix race condition flaw tracked as
• CVE-2025-53521: Fortinet BIG-IP vulnerability tracked as
• 9.8: CVSS score of alleged Telegram vulnerability

Background

The Citrix vulnerability is not the first of its kind. In 2023 and 2025, the 'CitrixBleed' and CitrixBleed2' vulnerabilities were widely exploited, respectively. The Fortinet BIG-IP vulnerability is also not the first RCE vulnerability discovered in the system.

What Comes Next

As these vulnerabilities are addressed, users must remain vigilant and take steps to protect themselves. This includes keeping software up to date, being cautious when pasting commands into the command line interface, and monitoring systems for suspicious activity.