TrendAI has patched CVE-2026-34926, a zero-day in Apex One that was exploited in the wild and could let an attacker modify a server key table to inject malicious code to agents. The issue affects only the on-premises version, has been added to CISA’s KEV catalog, and follows several other high-severity Apex One fixes for local privilege escalation. #TrendAI #ApexOne #CVE-2026-34926 #CISA #KEV
Keypoints
- TrendAI patched a newly exploited Apex One zero-day, CVE-2026-34926.
- The flaw is a directory traversal issue affecting only on-premises Apex One.
- An attacker with admin credentials could modify a key table and inject malicious code.
- CISA added CVE-2026-34926 to its Known Exploited Vulnerabilities catalog.
- The latest updates also fix several high-severity local privilege escalation flaws.
Read More: https://www.securityweek.com/trendai-patches-apex-one-zero-day-exploited-in-the-wild/