CVE-2026-34926

Published: Mag 21, 2026 Last Modified: Mag 21, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,7
Source: [email protected]
Attack Vector: local
Attack Complexity: high
Privileges Required: high
User Interaction: none
Scope: changed
Confidentiality: high
Integrity: low
Availability: low

Description

AI Translation Available

A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations.

This vulnerability is only exploitable on the on-premise version of Apex One and a potential attacker must have access to the Apex One Server and already obtained administrative credentials to the server via some other method to exploit this vulnerability.

23

Relative Path Traversal

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability
Potential Impacts:
Execute Unauthorized Code Or Commands Modify Files Or Directories Read Files Or Directories Dos: Crash, Exit, Or Restart
Applicable Platforms
Technologies: Not Technology-Specific, Web Based, AI/ML
View CWE Details
https://jvn.jp/en/vu/JVNVU90583059/
https://jvn.jp/en/vu/JVNVU90583059/
https://success.trendmicro.com/en-US/solution/KA-0023430
https://success.trendmicro.com/en-US/solution/KA-0023430
https://success.trendmicro.com/ja-JP/solution/KA-0022974
https://success.trendmicro.com/ja-JP/solution/KA-0022974
https://www.jpcert.or.jp/english/at/2026/at260014.html
https://www.jpcert.or.jp/english/at/2026/at260014.html