CVE-2026-34926

MEDIUM KEV

TrendAI Apex One 2019-14.0.0.17079 - Path Traversal & Arbitrary Code Deployment

Title source: llm

Exploitation Summary

CVE-2026-34926 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 21, 2026. EIP tracks 1 public exploit from researchers including HORKimhab.

AI-analyzed exploit summary The repository contains only a README with legal disclaimers and a LICENSE file, but no actual exploit code or technical details about CVE-2026-34926. It appears to be a placeholder or draft repository.

Description

A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex One and a potential attacker must have access to the Apex One Server and already obtained administrative credentials to the server via some other method to exploit this vulnerability.

Exploits (1)

github STUB

by HORKimhab · poc

https://github.com/HORKimhab/CVE-2026-34926

View Code ZIP pw:eip

The repository contains only a README with legal disclaimers and a LICENSE file, but no actual exploit code or technical details about CVE-2026-34926. It appears to be a placeholder or draft repository.

Classification

Stub 95%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: unknown

No auth needed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed May 22, 2026 Full analysis →

References (5)

Core 5

Core References

https://success.trendmicro.com/en-US/solution/KA-0023430

Third Party Advisory, US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34926

https://success.trendmicro.com/ja-JP/solution/KA-0022974

https://jvn.jp/en/vu/JVNVU90583059/

https://www.jpcert.or.jp/english/at/2026/at260014.html

Scores

CVSS v3 6.7

EPSS 0.0111

EPSS Percentile 61.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation active

Automatable no

Technical Impact total

Details

CISA KEV 2026-05-21

VulnCheck KEV 2026-05-21

ENISA EUVD EUVD-2026-31284

CWE

CWE-23

Status published

Products (4)

Trend Micro, Inc./TrendAI Apex One 2019 (14.0) - 14.0.0.17079

Trend Micro, Inc./TrendAI Apex One as a Service SaaS - 14.0.20731

trendmicro/apex_one < 14.0.0.17079

trendmicro/apex_one < 14.0.20731

Published May 21, 2026

KEV Added May 21, 2026

Tracked Since May 21, 2026