CVE-2026-34929: An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affe

Description

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different inter-process communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Affected Products

Vendor	Product	Versions
trend micro	trendai apex one	2019 (14.0), SaaS

References

https://success.trendmicro.com/en-US/solution/KA-0023430

Related News (1 articles)

Tier C

VulDB47m ago

CVE-2026-34929 | Trend Micro TrendAI Apex One/TrendAI Apex One as a Service Inter-Process Communication origin validation

→ No new info (linked only)

CVSS 3.17.8 CRITICAL

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

14.0.0.1707914.0.20731

CWECWE-346

PublishedMay 21, 2026

Last enriched18m agov2

Trending Score32

Source articles2

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

Version History

Last enriched 18m ago

v2Tier C18m ago

Updated severity from HIGH to CRITICAL and clarified that no exploit is available.

severity

via VulDB

v157m ago

Initial creation

CVE-2026-34929: An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affe

Description

Affected Products

References

Related News (1 articles)

Community Vote

Related CVEs (5)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History