TWO critical vulnerabilities detected today relate to Command Injection and Improper Authentication in popular security appliances, specifically targeting Check Point VPN and Progress Kemp LoadMaster. CVE-2026-50751, the Check Point VPN vulnerability, is currently exploited in the wild, requiring immediate attention. The Kemp LoadMaster issues involve a critical flaw (CVE-2026-8037) allowing remote code execution through its API, posing a severe risk of unauthorized access to the system.
Another significant flaw (CVE-2026-33691) enables WAF bypass capabilities, permitting attackers to infiltrate local networks undetected. Immediate firmware updates are advised to mitigate these vulnerabilities.