https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-17T18:12:02.654622+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/659afbaf-d7b4-4613-8977-612a7ec286c8/export659afbaf-d7b4-4613-8977-612a7ec286c82026-06-17T18:12:02.662120+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "659afbaf-d7b4-4613-8977-612a7ec286c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mof3e6ve572u", "content": "Security](https://www.picussecurity.com/resource/blog/rogueplanet-anatomy-of-the-nightmare-eclipse-microsoft-defender-zero-day), [offseq](https://infosec.exchange/@offseq/116724637739741236)\n\n## 4. CVE-2026-50751: Actively Exploited Check Point VPN Authentication Bypass\nCheck Point VPNs are under", "creation_timestamp": "2026-06-16T05:36:49.386602Z"}2026-06-16T05:36:49.386602+00:00https://vulnerability.circl.lu/sighting/44dfb072-bc5f-40f1-8e1a-058f6ef8ba52/export44dfb072-bc5f-40f1-8e1a-058f6ef8ba522026-06-17T18:12:02.662040+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "44dfb072-bc5f-40f1-8e1a-058f6ef8ba52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mof3eali4j2x", "content": "active attack via CVE-2026-50751, an authentication bypass vulnerability affecting IKEv1 and legacy client configurations. The Qilin ransomware group is among those exploiting this flaw, making immediate mitigation essential \u2014 organizations should restrict connections to IKEv2, remove legacy", "creation_timestamp": "2026-06-16T05:36:51.138993Z"}2026-06-16T05:36:51.138993+00:00https://vulnerability.circl.lu/sighting/294f2cd9-89ce-4b64-86d3-54bf87c97bac/export294f2cd9-89ce-4b64-86d3-54bf87c97bac2026-06-17T18:12:02.661965+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "294f2cd9-89ce-4b64-86d3-54bf87c97bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mof3fhqtjb23", "content": "CVE-2026-50751:", "creation_timestamp": "2026-06-16T05:37:31.924092Z"}2026-06-16T05:37:31.924092+00:00https://vulnerability.circl.lu/sighting/c0d41b0a-4070-4ce6-911f-60d07af30335/exportc0d41b0a-4070-4ce6-911f-60d07af303352026-06-17T18:12:02.661889+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "c0d41b0a-4070-4ce6-911f-60d07af30335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mof3gctng22h", "content": "CVE-2026-50751,", "creation_timestamp": "2026-06-16T05:38:00.350181Z"}2026-06-16T05:38:00.350181+00:00https://vulnerability.circl.lu/sighting/6a3b38f6-a877-40f6-b2b5-b330a375d02d/export6a3b38f6-a877-40f6-b2b5-b330a375d02d2026-06-17T18:12:02.661811+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "6a3b38f6-a877-40f6-b2b5-b330a375d02d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mof3k5bbi222", "content": "Security](https://www.picussecurity.com/resource/blog/rogueplanet-anatomy-of-the-nightmare-eclipse-microsoft-defender-zero-day), [offseq](https://infosec.exchange/@offseq/116724637739741236)\n\n## 4. CVE-2026-50751: Actively Exploited Check Point VPN Authentication Bypass\nCheck Point VPNs are under", "creation_timestamp": "2026-06-16T05:40:08.746449Z"}2026-06-16T05:40:08.746449+00:00https://vulnerability.circl.lu/sighting/af6cadbd-eccf-41f4-8f78-b05b374fe837/exportaf6cadbd-eccf-41f4-8f78-b05b374fe8372026-06-17T18:12:02.661729+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "af6cadbd-eccf-41f4-8f78-b05b374fe837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mof3k6xctl2f", "content": "active attack via CVE-2026-50751, an authentication bypass vulnerability affecting IKEv1 and legacy client configurations. The Qilin ransomware group is among those exploiting this flaw, making immediate mitigation essential \u2014 organizations should restrict connections to IKEv2, remove legacy", "creation_timestamp": "2026-06-16T05:40:10.819613Z"}2026-06-16T05:40:10.819613+00:00https://vulnerability.circl.lu/sighting/009f6151-23f6-45ae-9b31-2ccc64bc5d29/export009f6151-23f6-45ae-9b31-2ccc64bc5d292026-06-17T18:12:02.661633+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "009f6151-23f6-45ae-9b31-2ccc64bc5d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0179", "content": "Check Point heeft kwetsbaarheden verholpen in Remote and Mobile Access VPN-producten, specifiek voor implementaties die gebruikmaken van het IKEv1 key exchange protocol. Er zijn twee kwetsbaarheden vastgesteld in Check Point Security Gateways en Remote Access VPN-omgevingen die gebruikmaken van het verouderde IKEv1-protocol. De kwetsbaarheden CVE-2026-50751 en CVE-2026-50752 treffen VPN-authenticatie en certificaatvalidatie. Deze kwetsbaarheden stellen aanvallers in staat om zonder geldige authenticatie toegang te verkrijgen tot VPN-omgevingen.\n\nDe kwetsbaarheid CVE-2026-50751 is als zero-day misbruikt. Volgens Check Point zou in \u00e9\u00e9n geval ook ransomware zijn geplaatst na dit misbruik. Het eerste gedetecteerde misbruik dateert van 7 mei. Het IKEv1-protocol is een verouderd protocol dat nog wel wordt gebruikt bij dit soort implementaties. Het NCSC-NL verwacht dat er op korte termijn grootschalig misbruik zal plaatsvinden en roept organisaties op om de advisory van Check Point op te volgen. Ook roept het NCSC-NL organisaties op om de IoC\u2019s van Check Point te controleren als binnen de organisatie betreffende producten worden gebruikt waarin IKEv1 is ingeschakeld.\n\nUPDATE: Er is inmiddels publiek beschikbare Proof-of-Concept (PoC)-code, wat de kans op misbruik vergroot.\n IOCs\n45.77.149[.]152\n209.182.225[.]136\n38.60.157[.]139\n162.33.177[.]101\n45.76.26[.]42\n144.208.127[.]155\n38.54.88[.]201\n38.54.107[.]167\n66.42.99[.]200\n\n52fda5c1b9704544f32ee98d9060e689\n\n51d39aa39478beeac94f2d12f682ecce", "creation_timestamp": "2026-06-16T11:13:03.000000Z"}2026-06-16T11:13:03+00:00https://vulnerability.circl.lu/sighting/2506d7fe-04b0-49d3-84e9-571a7e0f58b5/export2506d7fe-04b0-49d3-84e9-571a7e0f58b52026-06-17T18:12:02.661540+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "2506d7fe-04b0-49d3-84e9-571a7e0f58b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://bsky.app/profile/docusnap.bsky.social/post/3mohn5ji2vn25", "content": "Ein Beispiel von letzter Woche: die aktiv ausgenutzte Check-Point-VPN-L\u00fccke (CVE-2026-50751), inklusive BSI-Warnung. Der Patch ist da. Aber \u201everf\u00fcgbar\" hei\u00dft nicht \u201eeingespielt\" und schon gar nicht \u201eauf allen Ger\u00e4ten, die ich gerade nicht auf dem Schirm habe\".\nHier hilft Docusnap.\n\n#ITSecurity", "creation_timestamp": "2026-06-17T06:00:32.334601Z"}2026-06-17T06:00:32.334601+00:00https://vulnerability.circl.lu/sighting/42d847ed-0ba1-439d-9096-640d5b4750a0/export42d847ed-0ba1-439d-9096-640d5b4750a02026-06-17T18:12:02.661431+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "42d847ed-0ba1-439d-9096-640d5b4750a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://bsky.app/profile/termsofsurrender.bsky.social/post/3moidq6ytyu2b", "content": "One VPN Hole, One Ransomware Crew, Zero Adult Supervision\nPANIC 84% | Lag 0.0h | Check Point VPN authentication bypass CVE-2026-50751 lets an attacker flip IKEv1 authentication logi\n#AfterShockIndex\nREAD MORE", "creation_timestamp": "2026-06-17T12:44:41.260496Z"}2026-06-17T12:44:41.260496+00:00https://vulnerability.circl.lu/sighting/aab16c9a-5c9f-436e-803e-c278eb5f2c60/exportaab16c9a-5c9f-436e-803e-c278eb5f2c602026-06-17T18:12:02.659919+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "aab16c9a-5c9f-436e-803e-c278eb5f2c60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50751", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3moim4ayqjh2c", "content": "Organizations running Check Point $CHKP Remote Access VPN on the legacy IKEv1 protocol are exposed to an authentication bypass that has been exploited since early May. CVE-2026-50751 lets remote attackers connect without a valid password. CISA gave US federal agencies three days to patch.", "creation_timestamp": "2026-06-17T15:14:35.788720Z"}2026-06-17T15:14:35.788720+00:00