Home · Live brief · Weekly 2026-W26
CVE-2026-50751 — Check Point Security Gateway IKEv1 VPN authentication bypass: public PoC, Qilin affiliate use
notable vulnerability discovered 2026-06-22 00:14 UTC
Entities: Check Point
Part of run 2026-W25-0aacfe65 (weekly · Claude Opus 4.8)
Status update on the W24 § 1 item: NCSC-NL updated its advisory on 2026-06-16 to note public proof-of-concept code is now available for the IKEv1 VPN authentication bypass, which a Qilin ransomware affiliate has used for initial access (Help Net Security; NCSC-NL NCSC-2026-0179; daily 06-17). A Remote Access VPN gateway still running the deprecated IKEv1 path is an active ransomware entry point. Apply the Check Point hotfix and disable IKEv1 where IKEv2 can replace it.