Check Point VPN and Google Chrome Vulnerabilities Under Active Exploitation
Patches have been issued to fix a critical vulnerability affecting Check Point Mobile Access, SSL VPN, Remote Access VPN, and Spark Firewalls, and a high-severity vulnerability in Google Chrome, both of which are being actively exploited in the wild.
Check Point Remote Access VPN Vulnerability
On June 8, 2026, the cybersecurity firm Check Point issued a security advisory about a critical authentication bypass vulnerability tracked as CVE-2026-50751 (CVSS 9.3), which has been actively exploited in zero-day attacks since May 7, 2026. Exploitation of the vulnerability accelerated over the weekend, with a few dozen organizations falling victim to attacks. In one attack, Check Point associated the post-exploit activity with a Qilin ransomware affiliate that has previously targeted vulnerabilities in other VPNs.
The vulnerability affects Check Point Mobile Access, SSL VPN, Remote Access VPN, and Spark Firewalls; however, only if deployments are configured to use the deprecated IKEv1 key exchange protocol. In vulnerable deployments, unauthenticated remote attackers can exploit a logic flaw in certificate validation, which allows them to establish a VPN connection without a valid password, bypassing authentication requirements.
Check Point also identified a second vulnerability while investigating the actively exploited zero day. The vulnerability is also associated with the deprecated IKEv1 key exchange, which can allow a man-in-the-middle attack on VPN site-to-site connections. The vulnerability is tracked as CVE-2026-50752, has a CVSS score of 7.4, and affects Security Gateways and Spark Firewalls. At the time of issuing the patch, there had been no known exploitation of the flaw.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Customers using the IKEv1 key exchange protocol have been advised to apply the security updates as soon as possible. If the hotfixes cannot be immediately applied, users should follow Check Point’s mitigation guidance detailed in the security alert. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its Known Exploited Vulnerability (KEV) Catalog and ordered all government agencies to secure their deployments by applying the security updates or mitigations within 3 days. or to discontinue use of the product.
Google Chrome Zero-day
Google has released an emergency patch to fix an actively exploited high-severity zero-day vulnerability in Google Chrome. The vulnerability, tracked as CVE-2026-11645, is due to an out-of-bounds read and write flaw in the Chrome V8 JavaScript engine. The vulnerability can be exploited by a remote attacker via specially crafted HTML pages. Successful exploitation allows the attacker to execute arbitrary code inside the web browser sandbox, exposing sensitive information or crashing Chrome.
Google is aware of an exploit for the vulnerability in the wild, and has rolled out updates for users in the Stable Desktop channel for Windows, Mac, and Linux Systems. Further information about the bug is being withheld until the majority of users have updated Chrome.
