{"vulnerability": "cve-2026-50752", "sightings": [{"uuid": "244dc340-6aef-4a1b-812c-2b1719ef7842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50752", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnrx4ohyb427", "content": "Check Point patched CVE-2026-50751, a critical VPN auth bypass used in zero-day attacks, and found CVE-2026-50752, an IKEv1 flaw tied to Qilin ransomware activity. #CheckPoint #Qilin #VPN", "creation_timestamp": "2026-06-08T15:00:32.969561Z"}, {"uuid": "52b8918f-60ef-45d5-bc80-e037a9f1f79d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50752", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0179", "content": "Check Point heeft kwetsbaarheden verholpen in Remote and Mobile Access VPN-producten, specifiek voor implementaties die gebruikmaken van het IKEv1 key exchange protocol. Er zijn twee kwetsbaarheden vastgesteld in Check Point Security Gateways en Remote Access VPN-omgevingen die gebruikmaken van het verouderde IKEv1-protocol. De kwetsbaarheden CVE-2026-50751 en CVE-2026-50752 treffen VPN-authenticatie en certificaatvalidatie. Deze kwetsbaarheden stellen aanvallers in staat om zonder geldige authenticatie toegang te verkrijgen tot VPN-omgevingen.\n\nDe kwetsbaarheid CVE-2026-50751 is als zero-day misbruikt. Volgens Check Point zou in \u00e9\u00e9n geval ook ransomware zijn geplaatst na dit misbruik. Het eerste gedetecteerde misbruik dateert van 7 mei. Het IKEv1-protocol is een verouderd protocol dat nog wel wordt gebruikt bij dit soort implementaties. Het NCSC-NL verwacht dat er op korte termijn grootschalig misbruik zal plaatsvinden en roept organisaties op om de advisory van Check Point op te volgen. Ook roept het NCSC-NL organisaties op om de IoC\u2019s van Check Point te controleren als binnen de organisatie betreffende producten worden gebruikt waarin IKEv1 is ingeschakeld.\n IOCs\n45.77.149[.]152\n209.182.225[.]136\n38.60.157[.]139\n162.33.177[.]101\n45.76.26[.]42\n144.208.127[.]155\n38.54.88[.]201\n38.54.107[.]167\n66.42.99[.]200\n\n52fda5c1b9704544f32ee98d9060e689\n\n51d39aa39478beeac94f2d12f682ecce", "creation_timestamp": "2026-06-08T12:29:06.000000Z"}, {"uuid": "2a5cb9ce-6bb9-4eb6-b5dc-9925239d1d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50752", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnrseujkif2s", "content": "CVE-2026-50752 - Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1\nCVE ID : CVE-2026-50752\n \n Published : June 8, 2026, 12:16 p.m. | 16\u00a0minutes ago\n \n Description : A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may ...", "creation_timestamp": "2026-06-08T13:35:33.326591Z"}, {"uuid": "e0e32b6a-64ba-4363-949e-81919e6d786b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50752", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnssre2myj2e", "content": "Check Point says CVE-2026-50751 is actively exploited to bypass auth in deprecated IKEv1 VPN setups, affecting Remote Access and Mobile Access deployments. CVE-2026-50752 may enable AitM attacks. #CheckPoint #Qilin #VPN", "creation_timestamp": "2026-06-08T23:15:12.748119Z"}, {"uuid": "077143cb-fe02-416b-9fbd-2a71608aa1a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50752", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnu3tme3kw2n", "content": "Check Point disclosed CVE-2026-50751, a critical VPN auth bypass exploited as a zero-day since May 7. Related flaw CVE-2026-50752 also fixed; CISA added the issue to KEV. #CheckPoint #Qilin #KEV", "creation_timestamp": "2026-06-09T11:30:13.929605Z"}, {"uuid": "1dab2ee7-2df9-4a5b-adf8-a9594db0b790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50752", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnu77imfvy26", "content": "\ud83d\udd17 CVE : CVE-2026-50751, CVE-2026-50752", "creation_timestamp": "2026-06-09T12:30:31.204050Z"}, {"uuid": "6e8adfd4-f257-4e8b-8f79-97d2ac2569bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-50752", "type": "seen", "source": "https://www.ncsc.nl/alerts/ernstige-kwetsbaarheden-in-check-point-remote-and-mobile-access-vpn", "content": "", "creation_timestamp": "2026-06-09T03:00:00.000000Z"}]}