Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Trend Micro Apex Central LoadLibraryEX RCE (CVE-2025-69258)

Vulnerability
First reported
Last updated
Happening score
H score 31
1 unique sources, 1 articles

Summary

Hide ▲

CVE-2025-69258 in Trend Micro Apex Central (on-premise) lets an unauthenticated remote attacker trigger SYSTEM-level remote code execution on affected management consoles. Trend Micro says the flaw is patched, and customers should update as soon as possible. The issue matters because it can be reached with low-complexity conditions and no user interaction.

Related Happenings

Microsoft Exchange CVE-2026-42897 mitigation advisory

Advisory/Mitigation
First: 15.05.2026 12:40 Last: 15.05.2026 12:40 Sources 1

About this happening: **Microsoft** issued immediate mitigation guidance for **CVE-2026-42897**, reducing risk for **Exchange Server 2016, 2019, and Subscription Edition (SE)** on-premises servers that...

Latest development: 15.05.2026 15:35

Microsoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.

Open Happening

Windows Autopatch enables hotpatch security updates by default for eligible devices

Security Tool/Service
First: 11.03.2026 11:15 Last: 11.03.2026 11:15 Sources 1

About this happening: Microsoft is changing **Windows Autopatch** to enable **hotpatch security updates** by default, speeding security-fix rollout for eligible devices and reducing restart-related del...

Open Happening

CISA KEV mitigation for BeyondTrust CVE-2026-1731

Advisory/Mitigation
First: 20.02.2026 19:02 Last: 20.02.2026 19:02 Sources 1

About this happening: CISA ordered urgent **KEV** mitigation for **CVE-2026-1731** in **BeyondTrust Remote Support** and **Privileged Remote Access**, forcing affected federal deployments to **apply th...

Open Happening

BeyondTrust Remote Support and Privileged Remote Access CVE-2026-1731 active exploitation wave

Exploitation Wave
First: 12.02.2026 23:34 Last: 12.02.2026 23:34 Sources 1

About this happening: **CVE-2026-1731** in **BeyondTrust Remote Support** and **Privileged Remote Access** is now seeing **first in-the-wild exploitation**, putting exposed appliances at risk of remote...

Open Happening

N8n sandbox escape flaws (multiple vulnerabilities)

Vulnerability
First: 04.02.2026 15:00 Last: 04.02.2026 15:00 Sources 1

About this happening: Two **maximum-severity sandbox-escape flaws** in **n8n** expose **self-hosted and cloud instances** to **complete server takeover** and **credential theft**. An **authenticated us...

Open Happening

Timeline

  1. 09.01.2026 12:40 2 articles · 4mo ago

    Trend Micro releases Apex Central patch for CVE-2025-69258

    Mitigation Patch Update

    Trend Micro issued a security advisory and released Critical Patch Build 7190 for Apex Central (on-premise) after Tenable reported CVE-2025-69258, a LoadLibraryEX flaw that could let an unauthenticated remote attacker load an attacker-controlled DLL into MsgReceiver.exe on TCP port 20001 and execute code as SYSTEM. The update also fixes CVE-2025-69259 and CVE-2025-69260, two denial-of-service flaws exploitable by unauthenticated attackers, and Trend Micro urged customers to update to the latest builds, review remote access, and keep perimeter security current.

    Show sources
    Open in new tab