CVE-2026-34926

CVE Database · CVE-2026-34926

CVE-2026-34926

· MEDIUMAnalyzed

CVSS v3.1

6.7

EPSS

1.11%

Published

May 21, 2026

Modified

May 22, 2026

CISA Known Exploited Vulnerability

Added: 2026-05-21 · Due: 2026-06-04

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Public PoC / Exploit (1)

All weaponized →

GitHub PoCHORKimhab/CVE-2026-34926★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex One and a potential attacker must have access to the Apex One Server and already obtained administrative credentials to the server via some other method to exploit this vulnerability.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L

Weaknesses (CWE)

CWE-23

Affected Products (2)

trendmicro · apex_one (up to 14.0.0.17079)vulnerable

trendmicro · apex_one (up to 14.0.20731)vulnerable

References (5)

https://jvn.jp/en/vu/JVNVU90583059/

Third Party Advisory

https://success.trendmicro.com/en-US/solution/KA-0023430

Vendor Advisory