Checkpoint Quantum Security Gateway
5 CVEs affecting Checkpoint Quantum Security Gateway. Latest disclosed: 2026-05-26. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-48132 | High | 8.1 | 2026-05-26 | The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used (4500/UDP). As a result, a specially crafted or malfo… |
CVE-2026-48131 | High | 8.1 | 2026-05-26 | The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause… |
CVE-2026-48133 | High | 7.5 | 2026-05-26 | When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Secur… |
CVE-2026-48134 | Medium | 5.6 | 2026-05-26 | When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access… |
CVE-2026-48135 | Medium | 5.3 | 2026-05-26 | A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation. |