7202 matches found
Trend Micro Apex One Security Agent iCore Service Origin Validation Error Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
PT-2026-22847
Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability...
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
PT-2026-22851
Name of the Vulnerable Software and Affected Versions Trend Micro Apex One mac agent affected versions not specified Description An origin validation error in the iCore service allows a local attacker to escalate privileges. Exploitation requires the attacker to first have the ability to execute...
Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the management console. The issue results from incorrect implementation of the...
Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of hub server URLs. By providing a crafted URL, an attacker ca...
Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of URLs in the Manual Update feature. By providing a crafted...
PT-2026-22845
Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability...
PT-2026-22846
Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability...
Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the management console. The issue results from incorrect implementation of the...
PT-2026-22849
Name of the Vulnerable Software and Affected Versions Trend Micro Apex Central affected versions not specified Description An improper authentication issue exists in Trend Micro Apex Central that could allow privilege escalation. The issue was discovered by Elias Martinez. Recommendations At the...
PT-2026-22848
Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability...
PT-2026-22855
Name of the Vulnerable Software and Affected Versions Trend Micro Cleaner One Pro affected versions not specified Description Trend Micro Cleaner One Pro installations are susceptible to a denial-of-service condition. A local attacker can exploit this issue, potentially leading to low-privileged...
Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of URLs in the Scheduled Update feature. By providing a crafte...
PT-2026-22852
Name of the Vulnerable Software and Affected Versions Trend Micro Apex One mac agent affected versions not specified Description A time-of-check time-of-use TOCTOU issue exists in the iCore service signature verification. A TOCTOU is a race condition where a system checks a condition such as a...
PT-2026-21992
Name of the Vulnerable Software and Affected Versions Trend Micro Apex One Console affected versions not specified Description The Trend Micro Apex One Console is susceptible to a directory traversal issue that could lead to remote code execution. The issue allows an attacker to potentially gain...
WordPress LatePoint - Calendar Booking Plugin for Appointments and Events plugin <= 5.2.6 - Missing Authorization to Booking Details Exposure vulnerability
WordPress LatePoint - Calendar Booking Plugin for Appointments and Events plugin = 5.2.6 - Missing Authorization to Booking Details Exposure vulnerability discovered by Chiao-Lin Yu Steven Meow - Trend Micro in WordPress Plugin LatePoint versions = 5.2.6...
Multiple vulnerabilities in Trend Micro Apex Central (January 2026)
Overview Trend Micro Incorporated has released a security update for Trend Micro Apex Central to fix CVE-2025-69258, CVE-2025-69259, and CVE-2025-69260. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Processing some crafte...
CVE-2025-69258
A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations...