COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-34926

CVE-2026-34926

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-05-21
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-34926
⌖ exploited in the wild shame 45/100 exploited-in-wildsupply-chain

Trend Micro Apex One on-premise software allows local attackers to inject malicious code into agents via a directory traversal flaw.

A directory traversal vulnerability in Trend Micro Apex One (on-premise) enables local attackers to modify key tables and inject code into deployed agents, creating a supply-chain risk for DIB organizations relying on this endpoint protection platform. While not a zero-day or remote exploit, the ability to compromise agent integrity undermines the security posture of the entire endpoint ecosystem.

Shame score — A local-only vulnerability that requires pre-authentication, though it poses a supply-chain risk for endpoint security.

Players implicated

Trend Micro Inc. · vendorApex One · product

Description

Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations.

Affected FedRAMP products 2 in the catalog

ProductProviderStatusMatch
Trend Micro Cloud One for Government Trend Micro Inc. In Process vendor-exact · 0.90
Trend Micro Vision One for Government Trend Micro Inc. In Process vendor-exact · 0.90