Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3137 articles · 171636 vulns · 37/41 feeds (7d)
← Back to list
6.7
CVE-2026-34926KEVEXPLOITEDPATCHED
trend micro · apex_one

CVE-2026-34926: A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker t

Description

A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex One and a potential attacker must have access to the Apex One Server and already obtained administrative credentials to the server via some other method to exploit this vulnerability.

Affected Products

VendorProductVersions
trend microapex_one2019 (14.0), SaaS

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
trend microapex onecert_advisory90%

References

  • https://success.trendmicro.com/en-US/solution/KA-0023430
  • https://success.trendmicro.com/ja-JP/solution/KA-0022974
  • https://jvn.jp/en/vu/JVNVU90583059/
  • https://www.jpcert.or.jp/english/at/2026/at260014.html

Related News (7 articles)

Tier B
JPCERT/CC
Security Alert: Alert Regarding Multiple Vulnerabilities in Trend Micro Products Including TrendAI Apex One
→ No new info (linked only)
Tier D
Help Net Security40d ago
Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)
→ No new info (linked only)
Tier B
CERT-FR40d ago
Bulletin d'actualité CERTFR-2026-ACT-023 (26 mai 2026)
→ No new info (linked only)
Tier D
BleepingComputer44d ago
Trend Micro warns of Apex One zero-day exploited in the wild
→ No new info (linked only)
Tier B
BSI Advisories44d ago
[NEU] [mittel] Trend Micro Apex One: Mehrere Schwachstellen ermöglichen Privilegieneskalation und die Ausführung von Code
→ No new info (linked only)
Tier B
CERT-FR44d ago
Multiples vulnérabilités dans les produits Trend Micro (22 mai 2026)
→ No new info (linked only)
Tier C
VulDB45d ago
CVE-2026-34926 | Trend Micro TrendAI Apex One/TrendAI Apex One as a Service path traversal
→ No new info (linked only)
CVSS 3.16.7 MEDIUM
VectorCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L
CISA KEV✅ Yes
Actively exploited✅ Yes
Patch available
14.0.0.1707914.0.20731
CWECWE-23
PublishedMay 21, 2026
Last enriched40d agov3
Tags
zero-dayCISA warning
Trending Score0
Source articles7
Independent6
Info Completeness10/14
Missing: epss, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHCVE-2025-71213
CVE-2025-71213: An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on
HIGHCVE-2025-71215
CVE-2025-71215: A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent iCore service signature verification c
HIGHCVE-2025-71212
CVE-2025-71212: A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileg
HIGHCVE-2026-34930
CVE-2026-34930: An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affe
CRITICALCVE-2025-71210
CVE-2025-71210: A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code an

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
May 21, 2026
Added to CISA KEV
May 21, 2026
Discovered by ZDM
May 21, 2026
Updated: description, severity
May 21, 2026
Actively Exploited
May 22, 2026
Patch Available
May 22, 2026
Updated: tags
May 26, 2026

Version History

v3
Last enriched 40d ago
v3Tier D40d ago

Updated description with details about zero-day exploitation and added tags for zero-day and CISA warning.

tags
via Help Net Security
v2Tier C45d ago

Updated vendor to 'Trend Micro', product to 'TrendAI Apex One as a Service', severity to 'HIGH', and corrected exploit availability to false.

descriptionseverity
via VulDB
v145d ago

Initial creation