Express Computer
Home  »  News  »  Check Point finds critical vulnerabilities doubled in 2026

Check Point finds critical vulnerabilities doubled in 2026

0 2

Check Point Software Technologies has released its 2026 Exposure Gap Report, revealing that while critical vulnerability exposures more than doubled over the past year, fewer than one in twelve vulnerability alerts required immediate remediation after exploitability validation, highlighting the growing challenge of prioritising cyber risks amid AI-driven attacks.

According to the report, vulnerabilities accounted for 42.6% of all critical exposures in 2026, up from 18.7% a year earlier, making them the largest category of critical exposure. However, only 7.8% of vulnerability alerts were classified as critical or high priority after validation, suggesting that organisations continue to face significant alert fatigue despite increasing threat volumes.

The report notes that AI-assisted attack tools are enabling threat actors to scan exposed systems, credentials and known vulnerabilities at a scale and speed that manual security operations struggle to match. This has widened what Check Point describes as the “exposure gap”, the time between identifying a security exposure and successfully remediating it.

Among the report’s other findings, 76% of all critical exposures originated from just two categories: vulnerabilities and internal information disclosure. Phishing websites also emerged as one of the fastest-growing exposure types, increasing from 1% of critical exposures in 2025 to 10.5% in 2026.

Despite the growing complexity, the report found that organisations implemented 85.9% of recommended remediation actions, indicating that effective prioritisation and automated response workflows can significantly improve security outcomes.

“AI-assisted attacks are increasing both the speed and scale at which organisations are targeted. The challenge is no longer simply detecting vulnerabilities, but identifying the relatively small number that are genuinely exploitable and remediating them quickly without disrupting business operations,” said Yochai Corem, Vice President and General Manager of Exposure Management at Check Point Software Technologies.

The study also highlighted differences across industries. Utilities and government organisations recorded the highest concentration of vulnerability-related exposures, while internal information disclosure was the leading exposure category in healthcare and financial services. Healthcare organisations recorded the slowest remediation times, with a median of 158.8 hours, reflecting operational constraints such as legacy systems and strict change management requirements.

The report was unveiled at Check Point Engage 2026 in Paris and underscores the growing importance of exposure management as enterprises increasingly adopt AI technologies while facing a rapidly evolving threat landscape.

Leave A Reply

Your email address will not be published.