Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

CISA KEV order for FCEB remediation of CVE-2026-50751

Public Sector Action
First reported
Last updated
Happening score
H score 49
1 unique sources, 1 articles

Summary

Hide ▲

CISA ordered Federal Civilian Executive Branch agencies to secure CVE-2026-50751, forcing a rapid federal response to a flaw that can let attackers bypass authentication on affected Check Point VPN systems. The directive matters because the vulnerability has already been used in zero-day attacks and is now on the Known Exploited Vulnerabilities (KEV) Catalog. Agencies must meet the June 11 deadline under Binding Operational Directive 22-01.

Related Happenings

Check Point VPN CVE-2026-50751 targeted exploitation wave

Exploitation Wave
First: 08.06.2026 17:17 Last: 08.06.2026 17:17 Sources 1

How related: Israeli cybersecurity company Check Point released security updates to address CVE-2026-50751 on Monday, flagging it as exploited in attacks that began on May 7 and surged over the weekend.

About this happening: **CVE-2026-50751** is an **active exploitation wave** against **Check Point Remote Access VPN** and **Mobile Access** deployments that use **deprecated IKEv1**. The flaw is an **a...

Open Happening

Check Point Remote Access VPN and Mobile Access authentication bypass (CVE-2026-50751)

Vulnerability
First: 08.06.2026 16:05 Last: 08.06.2026 16:05 Sources 1

How related: Unauthenticated remote attackers can exploit this security flaw (tracked as CVE-2026-50751) to bypass authentication and establish a remote access VPN connection on targeted Mobile Access/SSL VPNs, Remote Access VPNs, or Spark firewalls.

About this happening: **Check Point** warned that **CVE-2026-50751** is a **critical authentication bypass** in **Remote Access VPN** and **Mobile Access** deployments using **deprecated IKEv1**, letti...

Open Happening

Check Point security patch release for CVE-2026-50751

Security Patch Release
First: 08.06.2026 16:05 Last: 08.06.2026 16:05 Sources 1

How related: Israeli cybersecurity company Check Point released security updates to address CVE-2026-50751 on Monday, flagging it as exploited in attacks that began on May 7 and surged over the weekend.

About this happening: **Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...

Open Happening

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

Open Happening

CISA KEV directive for CVE-2026-20133

Public Sector Action
First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Open Happening

Timeline

  1. 09.06.2026 11:18 1 articles · 2h ago

    Qilin-affiliate exploitation begins against Check Point VPN deployments

    Exploitation Observed

    Unauthenticated remote attackers exploit CVE-2026-50751 against affected Check Point Remote Access VPN and Mobile Access deployments using deprecated IKEv1, bypassing authentication to establish remote VPN access; the observed attacks begin on May 7 and are linked to Qilin ransomware affiliates.

    Show sources
    Open in new tab
  2. 09.06.2026 11:18 1 articles · 2h ago

    Check Point patches CVE-2026-50751 and issues IKEv2-only mitigation guidance

    Mitigation Patch Update

    Check Point releases security updates for CVE-2026-50751 on Monday and flags the flaw as exploited in attacks that began on May 7, while advising customers to remove support for the legacy remote access client, configure Remote Access VPN Authentication for IKEv2 only, enable IPS and download the signatures, and make Machine Certificate Authentication mandatory.

    Show sources
    Open in new tab
  3. 09.06.2026 11:18 2 articles · 2h ago

    CISA adds CVE-2026-50751 to KEV and orders federal remediation by June 11

    Legal Policy Action Update

    CISA adds CVE-2026-50751 to the Known Exploited Vulnerabilities Catalog and orders Federal Civilian Executive Branch agencies to secure affected devices by June 11 under BOD 22-01, while urging all security teams to apply vendor mitigations or discontinue use if mitigations are unavailable.

    Show sources
    Open in new tab