A critical authentication bypass flaw (CVE-2026-50751, CVSS 9.3) in Check Point's Remote Access VPN and Mobile Access is being actively exploited, allowing attackers to bypass authentication mechanisms. The vulnerability affects Check Point Gaia OS versions from r80.40 up to, but not including, r81.20, as well as specific versions r81.20, r81.20, r81.20, and r81.20. Patches are available in versions r81.20, r81.10.17, and r82.00.10, and immediate patching is critical as public proof-of-concept details are now available.
WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check Point’s Remote Access VPN and Mobile Access, which the vendor confirmed to be actively exploited. The attacks were limited, but with this information now public, a larger wave of opportunistic attacks may be expected. From silent exploitation to public disclosure CVE-2026-50751 was patched by Check Point on June 8, 2026, and the company said that … More → The post Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751) appeared first on Help Net Security .