Multiple vulnerabilities in Trend Micro Apex One, including CVE-2026-34926 (CVSS 6.7), allow for remote code execution, privilege escalation, and data manipulation, with at least one being actively exploited. Affected versions include on-premises 2019 builds below 17079 and SaaS agent builds below 14.0.20731. The vendor has released fixes detailed in their knowledge base article KA-0023430.
Multiple vulnerabilities were identified in Trend Micro Apex One. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution and data manipulation on the targeted system. Note: CVE-2026-34926 is being exploited in the wild. ... Impact Elevation of Privilege Remote Code Execution Data Manipulation System / Technologies affected Trend Micro Apex One - 2019 (On-prem) Trend Micro Apex One - Server and Agent builds below 17079 Trend Micro Apex One as a Service (SaaS) TrendAI Vision One Endpoint Security - Standard Endpoint Protection (SEP) - Agent builds below 14.0.20731 Solutions Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://success.trendmicro.com/en-US/solution/KA-0023430