Check Point HTTP Service: Malformed HTTP Request Handling Flaw (CVE-2026-48135)
CVE-2026-48135 Published on May 26, 2026
HTTP service can incorrectly process malformed HTTP requests
A Check Point HTTP-based service can incorrectly handle malformed HTTP requests.
The issue is related to HTTP request parsing and validation.
Vulnerability Analysis
CVE-2026-48135 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a small impact on availability.
Weakness Type
Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Products Associated with CVE-2026-48135
Want to know whenever a new CVE is published for Check Point Software Security Gateway? stack.watch will email you.
Affected Versions
checkpoint Quantum Security Gateway:- Version R82.10 with Jumbo Hotfix Take 6 or below is affected.
- Version R82 with Jumbo Hotfix Take 91 or below is affected.
- Version R81.20 with Jumbo Hotfix Take 127 or below is affected.
- Version All releases from R81.10 and below is affected.