Check Point released updates for CVE-2026-50751, an authentication bypass in IKEv1-based Remote Access and Mobile Access VPNs that has been exploited since May and impacted a few dozen organizations, including a confirmed Qilin ransomware incident. They also patched CVE-2026-50752, a certificate validation flaw in IKEv1 site-to-site VPNs, and urge customers to move to IKEv2, enforce machine certificates, or apply the provided mitigations.