Network Intrusion Detection Systems (NIDS) based on machine learning must evolve after deployment to detect emerging threats very soon with a few labeled samples, while without catastrophic forgetting or degrading due to concept drift. Existing methods address these issues in isolation, lacking a unified pipeline for tabular network traffic. This paper presents MAML-CIL-Drift, a unified framework integrating three components: (i) First-Order Model-Agnostic Meta-Learning (FOMAML) for rapid adaptation to unseen attacks using only a few samples; (ii) an outer-step Class-Incremental Learning (CIL) mechanism with a herding replay buffer, mitigating forgetting while preserving the meta-objective; and (iii) a label-free Maximum Mean Discrepancy (MMD) drift detector with in-stream percentile calibration to autonomously trigger updates. Evaluated on the CICIDS 2018 dataset under a strict temporal split, our framework achieves 0.948 accuracy on known classes and 0.696 on unseen classes from few-shot support. Following incremental updates, novel class accuracy improves to 0.846 (+0.150) and base class accuracy slightly increases to 0.908 (+0.026), demonstrating effective adaptation without forgetting. Furthermore, the self-calibrating drift detector reliably orchestrates updates with zero false alarms. These results indicate that our framework enables NIDS to autonomously adapt to drifting traffic and novel attacks without expert intervention.