Vulnerability Intelligence Report — June 11, 2026

Coverage: June 10–11, 2026 | New CISA KEV additions: 0 | KEV deadlines today: 1 | Patch Tuesday deployment ongoing

Today — June 11, 2026 — is the CISA KEV remediation deadline for Check Point Security Gateway (CVE-2026-50751). The Dutch NCSC warned yesterday of expected large-scale abuse, and Check Point has confirmed active exploitation. No new CISA KEV entries were added. Organisations should be actively deploying Microsoft’s June Patch Tuesday updates (198 vulnerabilities, 3 zero-days) and the critical Veeam, Ivanti, and Adobe patches released yesterday.


Quick Reference — Most Important Items Today

Check Point VPN: CVE-2026-50751 (CISA KEV DEADLINE TODAY, actively exploited, NCSC warns of large-scale abuse)

Microsoft Patch Tuesday: Deploying — 198 vulns, 3 zero-days (Defender RoguePlanet, Kernel RCE, BitLocker fix)

Veeam Backup: Critical RCE — patch backup servers immediately

Ivanti Sentry: Critical — remote takeover, patch today

Adobe ColdFusion: CVE-2026-47928 (CVSS 9.6) + Campaign Classic CVE-2026-48303 (CVSS 10.0)

Upcoming KEV: SolarWinds Serv-U June 19 | BerriAI LiteLLM June 22 | Google V8/Arista/Cisco SD-WAN June 23


Check Point Security Gateway — CVE-2026-50751 (KEV DEADLINE TODAY)

Software affected: Check Point Security Gateway with IKEv1 Remote Access VPN enabled.

CVE: CVE-2026-50751 | CISA KEV deadline today — June 11, 2026 | IKEv1 authentication bypass enabling unauthorised VPN access | Actively exploited | Dutch NCSC warns of imminent large-scale abuse

Status: Today is the federal remediation deadline. Check Point has confirmed active exploitation. The Dutch NCSC’s warning of expected large-scale abuse signals that mass automated scanning and exploitation tooling is likely already deployed. Organisations that have not yet patched are now past the deadline and operating at direct risk. If your Check Point gateway is internet-facing with IKEv1 enabled: patch immediately, or disable IKEv1. Full coverage in the dedicated advisory.

Recommended action: Patch today if you have not already. This is the deadline. Disable IKEv1 if not needed. Audit VPN logs for unauthorised connections.

Official source: Check Point Security Advisory | CISA KEV Catalog


Microsoft Patch Tuesday Deployment — Status Check

The June 2026 Patch Tuesday released yesterday addresses 198 vulnerabilities including three zero-days. Organisations should be actively deploying these updates. Key items to verify:

  • Windows Defender RoguePlanet (CVE-2026-47281, CVSS 9.6): Zero-day SYSTEM escalation — verify deployment on all endpoints with Defender. Dedicated advisory.
  • Windows Kernel RCE (CVE-2026-45657, CVSS 9.8): Kernel-level use-after-free — verify deployment on all Windows systems.
  • Windows HTTP.sys (CVE-2026-47291, CVSS 9.8): Internet-facing IIS servers are directly exposed — verify these are patched first.
  • Windows DHCP (CVE-2026-44815, CVSS 9.8 / CVE-2026-45602, CVSS 9.1): DHCP clients and servers — verify DHCP servers are patched.
  • Windows TCP/IP (CVE-2026-42904, CVSS 9.6): Core networking stack — verify all network-connected systems are patched.
  • BitLocker YellowKey fix: The permanent fix replaces the PowerShell mitigation script. Dedicated advisory.

Recommended action: Verify Patch Tuesday deployment coverage across your Windows fleet. Prioritise internet-facing servers (HTTP.sys), DHCP servers, domain controllers, and systems with Defender. The three zero-days should be deployed to 100% of affected systems.


Veeam, Ivanti, Adobe — Critical Patches Still Require Action

The critical vendor advisories from yesterday’s report remain urgent:

  • Veeam Backup & Replication: Critical RCE on backup servers. Backup infrastructure is the last line of defence against ransomware — patch today. Ensure Veeam servers are not internet-facing.
  • Ivanti Sentry: Critical vulnerabilities enabling remote takeover of mobile gateway appliances. Patch today — internet-facing Sentry servers are directly exposed.
  • Adobe ColdFusion (CVE-2026-47928, CVSS 9.6): Internet-facing ColdFusion servers are trivially exploitable. Apply APSB26-64.
  • Adobe Campaign Classic (CVE-2026-48303, CVSS 10.0): Maximum severity. Apply APSB26-66.

KEV Deadline Watch

TODAY (June 11): Check Point Security Gateway CVE-2026-50751. Dedicated advisory.

June 19: SolarWinds Serv-U CVE-2026-28318. Dedicated advisory.

June 22: BerriAI LiteLLM CVE-2026-42271. Dedicated advisory.

June 23: Google Chromium V8 CVE-2026-11645 / Arista EOS CVE-2026-7473 / Cisco SD-WAN CVE-2026-20245.


Updates on Items from Previous Reports

Windows MiniPlasma CVE-2026-33825: Check whether the June Patch Tuesday includes a fix. Dedicated advisory.

Everest Forms Pro CVE-2026-3300: Still actively exploited. Dedicated advisory.

OpenSSL update (June 9): Verify deployment across all TLS-terminating services and container images.

PAN-OS, Citrix NetScaler, Windows Netlogon, Acer routers, FortiClient, Ghost CMS, SonicWall, ChromaDB, Oracle, Cisco UC Manager, authentik, BIRD BGP, MLflow, React Router, Perl DBI, Spring Framework: All covered in dedicated advisories.


This report is compiled from official vendor advisories, the CISA KEV catalog, the NVD, and primary security research sources.
