CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/21 2:16 p.m.•9 views

CVE-2025-71214

An origin validation error vulnerability in the Trend Micro Apex One mac agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

7.8CVSS0.0001EPSS

NVD•added 2026/05/21 2:16 p.m.•10 views

CVE-2025-71213

7.8CVSS0.0001EPSS

Cvelist•added 2026/05/21 1:3 p.m.•31 views

CVE-2025-71217

An origin validation error vulnerability in the Trend Micro Apex One mac agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in ord...

0.0001EPSS

ATTACKERKB•added 2026/05/21 1:3 p.m.•3 views

CVE-2025-71217

CVE•added 2026/05/21 1:3 p.m.•14 views

CVE-2025-71217

Summary of CVE-2025-71217 : An origin validation error in the Trend Micro Apex One (mac) agent self-protection mechanism (TmSelfProtect) allows a local attacker who already has low-privilege code execution to escalate privileges on affected installations. The vulnerability stems from insufficient...

ATTACKERKB•added 2026/05/21 1:2 p.m.•6 views

CVE-2025-71216

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent cache mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.8CVSS7.3AI score0.00018EPSS

Vulnrichment•added 2026/05/21 1:2 p.m.•8 views

CVE-2025-71216

7.3AI score0.00018EPSS

EUVD•added 2026/05/21 1:2 p.m.•5 views

EUVD-2025-209917

7CVSS7.3AI score0.00018EPSS

CVE•added 2026/05/21 1:2 p.m.•9 views

CVE-2025-71215

The vulnerability CVE-2025-71215 is a TOCTOU race condition in the Trend Micro Apex One (mac) agent iCore service signature verification that can allow a local attacker with low-privilege code execution to escalate privileges. Affected software is the Apex One mac agent; the flaw arises during si...

7CVSS7.3AI score0.00018EPSS

ATTACKERKB•added 2026/05/21 1:2 p.m.•4 views

CVE-2025-71215

7CVSS7.3AI score0.00018EPSS

EUVD•added 2026/05/21 1:2 p.m.•7 views

EUVD-2025-209912

CVE•added 2026/05/21 1:2 p.m.•14 views

CVE-2025-71214

Trend Micro Apex One (mac) agent iCore service contains an origin validation error that allows local privilege escalation when an attacker can execute low-privileged code. The root cause is lack of proper validation of the origin of IPC messages within the iCore service. Reported impact is local ...

Cvelist•added 2026/05/21 1:2 p.m.•35 views

CVE-2025-71214

0.0001EPSS

EUVD•added 2026/05/21 1:2 p.m.•7 views

EUVD-2025-209914

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

ATTACKERKB•added 2026/05/21 1:2 p.m.•4 views

CVE-2025-71212

CVE•added 2026/05/21 1:2 p.m.•16 views

CVE-2025-71212

CVE-2025-71212 affects Trend Micro Apex One Virus Scan Engine. A local attacker who can run low-privileged code can exploit a link-following weakness to escalate privileges via the VSApiNt.sys driver, as described by ZDI and mirrored in NVD. The vulnerability exists in the scan engine and can lea...

Vulnrichment•added 2026/05/21 1:2 p.m.•7 views

CVE-2025-71212