TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926
Security Patch Release
Summary
Hide ▲
Show ▼
TrendAI released Apex One security updates after confirming a zero-day had been exploited in the wild, leaving on-premises installations at risk until patched. The update set also fixes several high-severity local privilege-escalation flaws. One issue is tracked as CVE-2026-34926, and CISA added it to the KEV catalog with a June 4 deadline. Administrators should apply the updates and review remote access to critical systems.
Related Happenings
Pretalx version 2026.1.0 security update for CVE-2026-41241
Security Patch Release
First: 27.05.2026 17:30
Last: 27.05.2026 17:30
Sources 1
About this happening:
**Pretalx** released **version 2026.1.0** to patch **CVE-2026-41241**, a **stored XSS** flaw that could compromise organizer accounts in conference deployments. The update closes...
Pretalx version 2026.1.0 security update for CVE-2026-41241
Security Patch ReleaseAbout this happening: **Pretalx** released **version 2026.1.0** to patch **CVE-2026-41241**, a **stored XSS** flaw that could compromise organizer accounts in conference deployments. The update closes...
LiteSpeed cPanel user-end plugin urgent security update (CVE-2026-48172)
Security Patch Release
First: 27.05.2026 13:06
Last: 27.05.2026 13:06
Sources 1
About this happening:
LiteSpeed released **urgent security updates** for the **cPanel user-end plugin** after **CVE-2026-48172** was found to be **actively exploited**, reducing exposure for systems ru...
LiteSpeed cPanel user-end plugin urgent security update (CVE-2026-48172)
Security Patch ReleaseAbout this happening: LiteSpeed released **urgent security updates** for the **cPanel user-end plugin** after **CVE-2026-48172** was found to be **actively exploited**, reducing exposure for systems ru...
Drupal core security update for CVE-2026-9082
Security Patch Release
First: 22.05.2026 16:14
Last: 22.05.2026 16:14
Sources 1
About this happening:
**Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...
Drupal core security update for CVE-2026-9082
Security Patch ReleaseAbout this happening: **Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...
Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498
Security Patch Release
First: 21.05.2026 10:49
Last: 21.05.2026 10:49
Sources 1
About this happening:
Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...
Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498
Security Patch ReleaseAbout this happening: Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...
Latest development: 21.05.2026 12:52
Microsoft released patches for Microsoft Defender Antimalware Platform version 4.18.26040.7 to address CVE-2026-41091, a link-following privilege-escalation flaw that can let an authorized attacker elevate privileges locally to System, and CVE-2026-45498, a denial-of-service flaw. Microsoft said both vulnerabilities were publicly disclosed and exploited in the wild as zero-days. CISA added both flaws to its Known Exploited Vulnerabilities (KEV) list and urged federal agencies to patch them by June 3.
Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)
Security Patch Release
First: 11.05.2026 17:30
Last: 11.05.2026 17:30
Sources 1
About this happening:
**Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...
Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)
Security Patch ReleaseAbout this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...
Timeline
-
22.05.2026 11:19 2 articles · 5d ago
TrendAI patches Apex One zero-day CVE-2026-34926
Mitigation Patch UpdateTrendAI said it patched CVE-2026-34926 in Apex One after the zero-day was exploited in the wild. The medium-severity directory traversal flaw affects only the on-premises version, requires admin credentials to the server, and could let an attacker modify a key table and inject malicious code to deploy to agents on affected installations. TrendAI also said its incident response team discovered the vulnerability internally, and CISA added CVE-2026-34926 to the KEV catalog with a June 4 remediation deadline for federal agencies.
Show sources
- TrendAI Patches Apex One Zero-Day Exploited in the Wild — www.securityweek.com — 22.05.2026 11:19
- TrendAI Patches Apex One Zero-Day Exploited in the Wild — www.securityweek.com — 22.05.2026 11:19