PatchSiren

checkpoint CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH checkpoint CVE published 2026-06-08

CVE-2026-50752

CVE-2026-50752 is a HIGH severity vulnerability with a CVSS score of 7.4. The vulnerability is related to a weakness in the certificate validation logic of the deprecated IKEv1 key exchange, which may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could a [truncated]

MEDIUM checkpoint CVE published 2026-05-26

CVE-2026-48135

A Check Point HTTP-based service contains a vulnerability in its HTTP request parsing and validation logic that can lead to incorrect handling of malformed HTTP requests. The vulnerability is classified as a heap-based buffer overflow (CWE-122) with a CVSS 3.1 score of 5.3 (MEDIUM severity). The attack vector is network-based, requires low attack complexity, no privileges, and no user interaction, with a [truncated]