CVE-2026-34926

Name of the Vulnerable Software and Affected Versions Apex One (on-premise) (affected versions not specified)

Description A directory traversal flaw in the on-premise version of the server allows a pre-authenticated local attacker to modify a key table. This action can be used to inject malicious code for deployment to agents on affected installations. Exploitation requires the attacker to have access to the server and have already obtained administrative credentials through other means. This issue has been exploited in the wild.

Recommendations Apply the update released by Trend Micro to resolve this issue.