JVNDB-2026-016802

Vulnerability from jvndb - Published: 2026-05-22 16:44 - Updated: 2026-05-22 16:44
Summary
Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (May 2026)
Details
Trend Micro Endpoint security products for enterprises contain the multiple vulnerabilities listed below.
  • Relative path traversal in Apex One server (CWE-23) - CVE-2026-34926
    • The only product that could be vulnerable to this exploit is TrendAI Apex One (On Premise).
  • Origin validation error in Security Agent (CWE-346) - CVE-2026-34927, CVE-2026-34928, CVE-2026-34929, CVE-2026-34930, CVE-2026-45206, CVE-2026-45207
  • Time-of-check time-of-use (TOCTOU) race condition in Security Agent (CWE-367) - CVE-2026-45208
Trend Micro Incorporated has reported that attacks exploiting CVE-2026-34926 have been observed in the wild. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-016802.html",
  "dc:date": "2026-05-22T16:44+09:00",
  "dcterms:issued": "2026-05-22T16:44+09:00",
  "dcterms:modified": "2026-05-22T16:44+09:00",
  "description": "Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises contain multiple vulnerabilities listed below.\u003cul\u003e\u003cli\u003eRelative path traversal in Apex One server (CWE-23) - CVE-2026-34926\u003cul\u003e\u003cli\u003eThe only product that could be vulnerable to this exploit is TrendAI Apex One (On Premise).\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eOrigin validation error in Security Agent (CWE-346) - CVE-2026-34927,CVE-2026-34928,CVE-2026-34929,CVE-2026-34930,CVE-2026-45206,CVE-2026-45207\u003c/li\u003e\u003cli\u003eTime-of-check time-of-use (TOCTOU) race condition in Security Agent (CWE-367) - CVE-2026-45208\u003c/li\u003e\u003c/ul\u003eTrend Micro Incorporated has reported that attacks exploiting CVE-2026-34926 have been observed in the wild.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-016802.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:trendai_apex_one",
      "@product": "TrendAI Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:trendai_vision_one_endpoint_security-standard_endpoint_protection",
      "@product": "TrendAI Vision One Endpoint Security - Standard Endpoint Protection",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:trend_micro_apex_one",
      "@product": "Trend Micro Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "6.7",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2026-016802",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU90583059/index.html",
      "@id": "JVNVU#90583059",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-34926",
      "@id": "CVE-2026-34926",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-34927",
      "@id": "CVE-2026-34927",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-34928",
      "@id": "CVE-2026-34928",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-34929",
      "@id": "CVE-2026-34929",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-34930",
      "@id": "CVE-2026-34930",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-45206",
      "@id": "CVE-2026-45206",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-45207",
      "@id": "CVE-2026-45207",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-45208",
      "@id": "CVE-2026-45208",
      "@source": "CVE"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/23.html",
      "@id": "CWE-23",
      "@title": "Relative Path Traversal(CWE-23)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/346.html",
      "@id": "CWE-346",
      "@title": "Origin Validation Error(CWE-346)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/367.html",
      "@id": "CWE-367",
      "@title": "Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (May 2026)"
}

