Vulnerability intelligence

CVE-2026-34926

Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability

A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex One and a potential attacker must have access to the Apex One Server and already obtained administrative credentials to the server via some other method to exploit this vulnerability.

CVSS Score

6.7

Medium

EPSS — Exploit Probability

1.0%

Riskier than 78% of all CVEs

Exploitation

Confirmed in the wild

Used in ransomware campaigns

Remediation

unknown

Federal deadline 2026-06-04

CISA required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2026-06-04.

NVD entry PoC / advisory CISA KEV

4 articles across 4 outlets · first covered May 21, 2026 · latest May 22, 2026

Coverage timeline

CISA Flags CVE-2025-34291 Langflow Flaw in KEV Update
securityaffairs.com · May 22, 2026
Trend Micro patches zero day Apex One flaw CVE-2026-34926
www.securityweek.com · May 22, 2026
CISA Flags Trend Micro Apex One Flaw (CVE‑2026‑34926) in KEV
www.cisa.gov · May 21, 2026
CISA Flags Trend Micro Apex One Flaw (CVE‑2026‑34926) in KEV
cisa.gov · May 21, 2026