Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-10847 | A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS. An authenticated local user may be able to execute arbitrary code with SYSTEM privileges due to improper handling of executable resolution during the log collection process. Successful exploitation could allow an attacker to gain elevated privileges on the affected Windows endpoint. | 7.8 | 0.12% | 2026-06-11 | 2026-06-17 |
| CVE-2026-50752 | A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel. | 7.4 | 4.86% | 2026-06-08 | 2026-06-17 |
| CVE-2026-50751 KEV | A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password. | 9.3 | 70.10% | 2026-06-08 | 2026-06-17 |
| CVE-2026-48136 | When Compliance is enabled on Check Point Multi-Domain Management, an authenticated administrator with read-write access to one Management Domain (CMA) can modify stored metadata associated with Compliance Best Practices in another Management Domain, where the administrator has no access permissions, bypassing Role-Based Access Control (RBAC). | 4.1 | 4.10% | 2026-05-26 | 2026-06-17 |
| CVE-2026-48135 | A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation. | 5.3 | 2.61% | 2026-05-26 | 2026-06-17 |
| CVE-2026-48134 | When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to disruptions such as loss of stored incident entries, incorrect handling of pending approvals, or resource impact if the issue is abused repeatedly. Exposure is reduced if the UserCheck Portal is not acces | 5.6 | 4.36% | 2026-05-26 | 2026-06-17 |
| CVE-2026-48133 | When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway. | 7.5 | 4.75% | 2026-05-26 | 2026-06-17 |
| CVE-2026-48132 | The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used (4500/UDP). As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service (temporary interruption of VPN negotiations/traffic). | 8.1 | 2.14% | 2026-05-26 | 2026-06-17 |
| CVE-2026-48131 | The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality). | 8.1 | 2.66% | 2026-05-26 | 2026-06-17 |
| CVE-2026-3502 KEV | TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user. | 7.8 | 5.75% | 2026-03-30 | 2026-06-17 |
| CVE-2025-9142 | A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory. | 7.5 | 0.07% | 2026-01-14 | 2026-06-17 |
| CVE-2025-8305 | An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being printed in plaintext in Identity Agent for Terminal Services debug files. | 6.5 | 0.10% | 2025-12-22 | 2026-06-17 |
| CVE-2025-8304 | An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being accessible in the Windows Registry keys for Check Point Identity Agent running on a Terminal Server. | 6.5 | 0.10% | 2025-12-22 | 2026-06-17 |
| CVE-2025-3831 | Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties. | 8.1 | 0.37% | 2025-08-12 | 2026-06-17 |
| CVE-2025-2028 | Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs | 6.5 | 0.18% | 2025-08-06 | 2026-06-17 |
| CVE-2024-52885 | The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway. | 5.0 | 0.46% | 2025-08-06 | 2026-06-17 |
| CVE-2024-24915 | Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them. | 6.1 | 0.18% | 2025-06-29 | 2026-06-17 |
| CVE-2024-24916 | Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin). | 6.5 | 1.86% | 2025-06-19 | 2026-06-17 |
| CVE-2024-52888 | For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties. | 5.4 | 0.25% | 2025-04-27 | 2026-06-17 |
| CVE-2024-52887 | Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list. | 3.5 | 0.18% | 2025-04-27 | 2026-06-17 |