|
321
|
7.8 |
HIGH
Local
|
-
|
-
|
A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent cache mechanism could allow a local attacker to escalate privileges on affected installations.
Please note: an att…
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2025-71216
|
2026-05-22 00:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
322
|
7.0 |
HIGH
Local
|
-
|
-
|
A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent iCore service signature verification could allow a local attacker to escalate privileges on affected installations.
…
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2025-71215
|
2026-05-22 00:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
323
|
7.8 |
HIGH
Local
|
-
|
-
|
An origin validation error vulnerability in the Trend Micro Apex One (mac) agent iCore service could allow a local attacker to escalate privileges on affected installations.
Please note: an attack…
New
|
CWE-346
Origin Validation Error
|
CVE-2025-71214
|
2026-05-22 00:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
324
|
7.8 |
HIGH
Local
|
-
|
-
|
MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability
New
|
CWE-823
Use of Out-of-range Pointer Offset
|
CVE-2026-28764
|
2026-05-22 00:05 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
325
|
7.8 |
HIGH
Local
|
-
|
-
|
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the…
New
|
CWE-59
Link Following
|
CVE-2025-71212
|
2026-05-22 00:05 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
326
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations.
Please note: although this vul…
New
|
CWE-22
Path Traversal
|
CVE-2025-71210
|
2026-05-22 00:05 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
327
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in …
New
|
CWE-22
Path Traversal
|
CVE-2025-71211
|
2026-05-22 00:05 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
328
|
7.8 |
HIGH
Local
|
-
|
-
|
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the abili…
New
|
CWE-346
Origin Validation Error
|
CVE-2025-71213
|
2026-05-22 00:05 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
329
|
6.7 |
MEDIUM
Local
|
-
|
-
|
A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents…
New
|
CWE-23
Relative Path Traversal
|
CVE-2026-34926
|
2026-05-22 00:05 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
330
|
7.8 |
HIGH
Local
|
-
|
-
|
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to …
New
|
CWE-346
Origin Validation Error
|
CVE-2026-34927
|
2026-05-22 00:05 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
