CVE-2026-34926

Undergoing Analysis
Published: 21 May 2026, 13:03
Last modified: 22 May 2026, 12:47

Vulnerability Summary

  • Overall Risk (default): medium, 27/100
  • CVSS Score: 6.7 MEDIUM, v3.1 (cve.org)
  • EPSS Score: 0.25% LOW, 0% probability
  • KEV: Listed (CISA, 1 listing)
  • Ransomware: No reports
  • Public exploits: None found
  • Dark Web: Not detected

Timeline

  • 21 May 2026, 13:03: Published. Vulnerability first disclosed.
  • 21 May 2026, 00:00: Added to CISA KEV. Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability.
  • 22 May 2026, 12:47: Last Modified. Vulnerability information updated.
  • 04 Jun 2026, 00:00: CISA Remediation Due. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex One, and a potential attacker must have access to the Apex One Server and have already obtained administrative credentials to the server via some other method to exploit it.

CVSS Metrics

  • v3.1, MEDIUM, Score: 6.7, CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L

EPSS Trends

Current EPSS score: 0.25%. Percentile: 49%.

Techniques & Countermeasures

  • CWE-23: Relative Path Traversal

    The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Affected Systems

  • trend micro, inc.: trendai apex one

    ≥ 2019 (14.0), < 14.0.0.17079

  • trend micro, inc.: trendai apex one as a service

    ≥ SaaS, < 14.0.20731
