Skip to main content

Trend Micro Releases Security Update for Actively Exploited Medium Severity Vulnerability in Apex One

CVE‑2026‑34926 allows code injection via directory traversal in Trend Micro Apex One on‑premise servers.

Threat ID:
CC-4789
Threat Severity:
Medium
Published:
26 May 2026 1:36 PM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

CVE‑2026‑34926 allows code injection via directory traversal in Trend Micro Apex One on‑premise servers.

Affected platforms

The following platforms are known to be affected:

Trend Micro Apex One

  • 2019 (On Premises) Server
  • Agent builds below version 17079

Threat details

Exploitation of CVE-2026-34926 in the Wild

Trend Micro has confirmed at least one attempt to exploit CVE‑2026‑34926 in the wild, and CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog.

The NHS England National CSOC assesses exploitation as likely.

Introduction

Trend Micro has released security updates to address a medium severity vulnerability in Apex One (on‑premise). Successful exploitation could allow an attacker with administrative access to inject malicious code that is deployed to all managed endpoint agents.

  • CVE‑2026‑34926 – "Directory Traversal" vulnerability – CVSS v3.1 score of 6.7

Remediation advice

Affected organisations are encouraged to review Trend Micro advisory KA‑0023430 and apply the relevant updates as soon as possible.

Last edited: 26 May 2026 1:36 pm