1 article
CISA added CVE-2026-50751 to the Known Exploited Vulnerabilities catalogue on 8 June with a three-day remediation deadline and confirmed ransomware campaign use. The vulnerability is a CVSS 9.3 authentication bypass in Check Point Security Gateway's IKEv1 VPN protocol handling that allows unauthenticated attackers to bypass remote access VPN authentication entirely. An emergency hotfix is available.
Check Point CVE-2026-50751 joins a long list of critical authentication bypass and remote code execution vulnerabilities in enterprise VPN gateways that have been exploited in ransomware campaigns. The pattern is consistent enough that it is no longer useful to treat each as a one-off incident — it is a structural category of risk that requires a structural response.
CipherWatch Editorial
Security Intelligence Platform