Check Point Software Security Gateway


By the Year

In 2026 there have been 5 vulnerabilities in Check Point Software Security Gateway with an average score of 6.9 out of ten.

Year    Vulnerabilities    Average Score
2026    5                  6.92

It may take a day or so for new Security Gateway vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Check Point Software Security Gateway Security Vulnerabilities

Check Point HTTP Service: Malformed HTTP Request Handling Flaw (CVE-2026-48135)
CVE-2026-48135 5.3 - Medium - May 26, 2026

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation.

Heap-based Buffer Overflow

Check Point Security Gateway DLP Input Handling Flaw
CVE-2026-48134 5.6 - Medium - May 26, 2026

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to disruptions such as loss of stored incident entries, incorrect handling of pending approvals, or resource impact if the issue is abused repeatedly. Exposure is reduced if the UserCheck Portal is not accessible from untrusted networks.

SQL Injection

Unauthenticated File Disclosure via Identity Awareness Blade on Check Point SG
CVE-2026-48133 7.5 - High - May 26, 2026

When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway.

Remote file include

Check Point Security Gateway IKE NAT-T Length Validation Crash (DoS)
CVE-2026-48132 8.1 - High - May 26, 2026

The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used (4500/UDP). As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service (temporary interruption of VPN negotiations/traffic).

Out-of-bounds Read

Check Point VPN IKE Fragment Value DoS Vulnerability
CVE-2026-48131 8.1 - High - May 26, 2026

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality).

Heap-based Buffer Overflow

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which
CVE-2014-7169 9.8 - Critical - September 25, 2014

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

Shell injection

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which
CVE-2014-6271 9.8 - Critical - September 24, 2014

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

Shell injection
