HTTP Request Parsing Flaw in Check Point Product
CVE-2026-48135

5.3MEDIUM

Key Information:

Vendor: Checkpoint
Status: Quantum Security Gateway
Vendor: CVE Published:; 26 May 2026

What is CVE-2026-48135?

An HTTP-based service by Check Point is susceptible to a security flaw that arises from improper handling of malformed HTTP requests. This vulnerability stems from weaknesses in HTTP request parsing and validation, which could potentially allow attackers to exploit the issue if left unaddressed. It is crucial for users of the affected service to roll out necessary patches and updates to maintain the integrity and security of their systems.

Affected Version(s)

Quantum Security Gateway R82.10 with Jumbo Hotfix Take 6 or below

Quantum Security Gateway R82 with Jumbo Hotfix Take 91 or below

Quantum Security Gateway R81.20 with Jumbo Hotfix Take 127 or below

References

https://support.checkpoint.com/results/sk/sk184991

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2026
Vulnerability Reserved
May 20, 2026

CVE-2026-48135 Data

JSON

Checkpoint

What is CVE-2026-48135?

Affected Version(s)

References

CVSS V3.1

Timeline