High Threat Security Alert (A26-05-40): Multiple Vulnerabilities in Trend Micro Products

Description:

Trend Micro has published a security advisory to address multiple vulnerabilities in Trend Micro Products. The details of the security update can be found at:
https://success.trendmicro.com/en-US/solution/KA-0023430

Reports indicated that an information disclosure and tampering vulnerability (CVE-2026-34926) is being exploited in the wild. You are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

• Trend Micro Apex One - 2019 (On-Premises)
• Trend Micro Apex One - Server and Agent builds prior to 17079
• Trend Micro Apex One as a Service (SaaS)
• TrendAI Vision One Endpoint Security - Standard Endpoint Protection (SEP) - Agent builds prior to 14.0.20731

For detailed information of the affected systems, please refer to the corresponding security advisories at vendor's website.

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, elevation of privilege, information disclosure or tampering on an affected system.

Recommendation:

Patches for affected software are available. System administrators of affected systems should follow the recommendations provided by the software vendor and take immediate actions to mitigate the risk.

More Information:

• https://success.trendmicro.com/en-US/solution/KA-0023430
• https://www.hkcert.org/security-bulletin/trend-micro-apex-one-multiple-vulnerabilities_20260522
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34926 (to CVE-2026-34930)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45206 (to CVE-2026-45208)