Medium severity6.7CISA KEVNVD Advisory· Published May 21, 2026· Updated May 22, 2026
CVE-2026-34926
CVE-2026-34926
Description
A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations.
This vulnerability is only exploitable on the on-premise version of Apex One and a potential attacker must have access to the Apex One Server and already obtained administrative credentials to the server via some other method to exploit this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
5- jvn.jp/en/vu/JVNVU90583059/nvdThird Party Advisory
- success.trendmicro.com/en-US/solution/KA-0023430nvdVendor Advisory
- success.trendmicro.com/ja-JP/solution/KA-0022974nvdVendor Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdThird Party AdvisoryUS Government Resource
- www.jpcert.or.jp/english/at/2026/at260014.htmlnvdThird Party Advisory
News mentions
9- Week in review: Infostealer dropped via FortiClient EMS flaw, exploited Trend Micro Apex One flawHelp Net Security · May 31, 2026
- Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)Help Net Security · May 26, 2026
- 25th May – Threat Intelligence ReportCheck Point Research · May 25, 2026
- ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain ChaosThe Hacker News · May 25, 2026
- Trend Micro warns of Apex One zero-day exploited in the wildBleepingComputer · May 22, 2026
- TrendAI Patches Apex One Zero-Day Exploited in the WildSecurityWeek · May 22, 2026
- CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEVThe Hacker News · May 22, 2026
- Trend Micro Apex One: 13 CVEs Disclosed Including Actively Exploited Zero-DayVypr Intelligence · May 21, 2026
- CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA Alerts