CISA Warns of Exploited Trend Micro Apex One Flaw

**Executive Summary:** CISA added CVE-2026-34926 — a directory traversal vulnerability in Trend Micro Apex One on‑premise — to its Known Exploited Vulnerabilities catalog after observing at least one exploitation attempt; the flaw can allow an attacker (requiring prior administrative credentials) to modify server tables and push malicious code to managed agents, creating a high-impact propagation vector across Windows endpoints. Trend Micro released fixed builds, CISA advises immediate patching or discontinuation per BOD 22-01, and organizations should audit agents for unauthorized changes.