This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Check Point Frontier AI Models Readiness Program – Security Updates

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
PhoneBoy
Admin
Admin
3 2 366
Wednesday

At Check Point we don’t wait for threats to evolve; we evolve ahead of them. This is why we’ve been running our Frontier AI Models Readiness Program: a proactive, structured initiative designed to ensure that our products remain resilient as AI models grow increasingly capable of understanding complex software systems and assisting adversaries in attacking them.

As part of this program, we conducted large-scale AI-driven code scanning across our products, performed extensive security reviews, hardened components where needed, refined our time-to-patch procedures, and accelerated our protection development processes to meet the pace of emerging AI-driven threats.

The Jumbo Hotfixes released on May 26th is one of the first direct outcomes of that effort and includes fixes for the following CVEs:

CVE Description CVSS In the Wild
CVE-2026-48131 VPND IKE Fragment Reassembly – Heap Out-of-Bounds Write via Sequence Number Zero 8.1 NO
CVE-2026-48132 VPN service may restart unexpectedly when processing IKE traffic over NAT-T (UDP/4500) 8.1 NO
CVE-2026-48133 NAC Captive Portal – Unauthenticated Local File Inclusion 7.5 NO
CVE-2026-48134 SQL injection issue in UserCheck Portal when DLP Software Blade is active 5.6 NO
CVE-2026-48135 Hardening the HTTP parser against malformed/malicious input 5.3 NO
CVE-2026-48136 Compliance Best Practice metadata manipulation issue when Compliance Software Blade is enabled 4.1 NO

 

While each CVE has mitigation steps associated with it that are provided in the SKs linked above, we recommend installing the JHF as it includes additional security hardening.

The releases that provide fixes for the above CVEs include:

 

2 Comments
Labels