What is CVE-2026-48136?

CVE-2026-48136 is a medium-severity vulnerability in Checkpoint Quantum Security Management, classified under SQL Injection. CVSS score: 4.1/10. Published 2026-05-26.

How severe is CVE-2026-48136?

Medium severity. CVSS v3 base score is 4.1 out of 10.

SQL Injection in Checkpoint Quantum Security Management

CVE-2026-48136

When Compliance is enabled on Check Point Multi-Domain Management, an authenticated administrator with read-write access to one Management Domain (CMA) can modify stored metadata associated with Compliance Best Practices in another Managem…

Vulnerability class: SQL Injection

EPSS: 0.001 (17.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.1 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L.

Affected products

Checkpoint Quantum Security Management — versions All releases from R81.10 and below, R81.20 with Jumbo Hotfix Take 127 or below, R82 with Jumbo Hotfix Take 91 or below

Weakness classification (CWE)

CWE-89 — SQL Injection

References

cve@checkpoint.com

Frequently asked questions

What is CVE-2026-48136?: CVE-2026-48136 is a medium-severity vulnerability in Checkpoint Quantum Security Management, classified under SQL Injection. CVSS score: 4.1/10. Published 2026-05-26.
How severe is CVE-2026-48136?: Medium severity. CVSS v3 base score is 4.1 out of 10.