User Authentication Bypass in VPN Remote Access and Mobile Access
CVE-2026-50751

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Quantum Security Gateway; Spark Firewalls
Vendor: CVE Published:; 8 June 2026

What is CVE-2026-50751?

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

Affected Version(s)

Quantum Security Gateway R82.10 with Jumbo Hotfix Take 19 or below

Quantum Security Gateway R82 with Jumbo Hotfix Take 103 or below

Quantum Security Gateway R81.20 with Jumbo Hotfix Take 141 or below

References

https://support.checkpoint.com/results/sk/sk185033

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 8, 2026
Vulnerability Reserved
Jun 7, 2026

CVE-2026-50751 Data

JSON

Checkpoint

What is CVE-2026-50751?

Affected Version(s)

References

Timeline