Trendmicro Security Vulnerabilities (CVEs)
Track 98 security vulnerabilities affecting Trendmicro products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A NULL pointer dereference vulnerability in Trend Micro Apex Central allows remote attackers to cause denial-of-service without authentication. This a...
Jan 8, 2026An out-of-bounds read vulnerability in Trend Micro Apex Central allows remote attackers to cause denial-of-service conditions without authentication. ...
Jan 8, 2026An unauthenticated remote attacker can exploit a LoadLibraryEX vulnerability in Trend Micro Apex Central to load malicious DLLs, leading to arbitrary ...
Jan 8, 2026A critical vulnerability in Trend Micro Apex One (on-premise) management console allows unauthenticated remote attackers to upload malicious code and ...
Aug 5, 2025Trend Micro Cleaner One Pro contains a privilege escalation vulnerability that allows local attackers to delete privileged Trend Micro files, includin...
Jul 10, 2025Trend Micro Password Manager (Consumer) versions 5.8.0.1327 and below contain a privilege escalation vulnerability where attackers can abuse symbolic ...
Jul 10, 2025This vulnerability allows authenticated attackers to execute arbitrary code on Trend Micro Endpoint Encryption PolicyServer installations through inse...
Jun 17, 2025This critical authentication bypass vulnerability in Trend Micro Endpoint Encryption PolicyServer allows attackers to gain administrative access witho...
Jun 17, 2025A post-authentication SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer allows authenticated attackers to execute arbitrary ...
Jun 17, 2025Trend Micro Security 17.8 (Consumer) contains a local privilege escalation vulnerability where a local attacker could cause the deletion of privileged...
Jun 17, 2025A SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer allows authenticated attackers to escalate privileges by injecting malic...
Jun 17, 2025This vulnerability allows unauthenticated remote attackers to execute arbitrary code on Trend Micro Endpoint Encryption PolicyServer installations via...
Jun 17, 2025A link following vulnerability in Trend Micro Deep Security 20.0 agents allows local attackers to escalate privileges on affected systems. Attackers m...
Jun 17, 2025A link following vulnerability in Trend Micro Deep Security 20.0 agents allows local attackers to create denial of service conditions. This affects sy...
Jun 17, 2025A Server-Side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central's modOSCE component allows attackers to manipulate parameters to access...
Jun 17, 2025A Server-Side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) allows attackers to manipulate parameters to access internal sys...
Jun 17, 2025A broken access control vulnerability in Trend Vision One allowed administrators to create users who could then modify account roles and escalate priv...
Apr 2, 2025A broken access control vulnerability in Trend Vision One User Roles allowed administrators to create users who could then change their own role assig...
Apr 2, 2025This vulnerability in Trend Micro Apex One Security Agent allows a local attacker with low-privileged access to bypass security controls and execute a...
Mar 25, 2025This vulnerability in Trend Micro Apex One Security Agent Plug-in User Interface Manager allows a local attacker with low-privileged access to bypass ...
Mar 25, 2025A local privilege escalation vulnerability in Trend Micro Apex One allows attackers with initial low-privileged access to gain elevated system privile...
Dec 31, 2024This is a local privilege escalation vulnerability in Trend Micro Apex One security software. An attacker with existing low-privileged access on a sys...
Dec 31, 2024A local privilege escalation vulnerability in Trend Micro Apex One's LogServer component allows attackers who already have low-privileged access to el...
Dec 31, 2024This vulnerability in Trend Micro Apex One's LogServer component allows a local attacker with low-privileged code execution to create arbitrary files,...
Dec 31, 2024This CVE describes a command injection vulnerability in Trend Micro Deep Security 20 Agent's manual scan feature. Attackers with local access or domai...
Nov 19, 2024This SQL injection vulnerability in Trend Micro Deep Discovery Inspector allows authenticated administrators to extract sensitive information from the...
Oct 22, 2024An improper access control vulnerability in Trend Micro Deep Security Agent 20 allows local attackers to escalate privileges on affected systems. Atta...
Oct 22, 2024A critical command injection vulnerability in Trend Micro Cloud Edge allows unauthenticated remote attackers to execute arbitrary commands on affected...
Oct 22, 2024This vulnerability in Trend Micro Antivirus One allows attackers to modify product configurations without authorization, potentially disabling securit...
Oct 22, 2024This is an SQL injection vulnerability in Trend Micro Apex One's modOSCE component that allows remote attackers to execute arbitrary code on affected ...
Oct 22, 2024This vulnerability in Trend Micro Apex One allows a local attacker with low-privileged access to escalate privileges on affected systems. Attackers co...
Jun 10, 2024A link following vulnerability in Trend Micro Deep Security agents allows local attackers to escalate privileges from low-privileged accounts to highe...
Jun 10, 2024This CVE describes an origin validation vulnerability in Trend Micro Apex One security agent that allows local attackers to escalate privileges on aff...
Jun 10, 2024A Time-of-Check Time-of-Use (TOCTOU) vulnerability in Trend Micro Apex One and Apex One as a Service agents allows local attackers to escalate privile...
Jun 10, 2024A link following vulnerability in Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine allows a local attacker with low-privileged cod...
Jun 10, 2024This vulnerability allows attackers to hijack DLL files used by Trend Micro's uiAirSupport component, enabling them to execute arbitrary code with ele...
Jan 29, 2024This CVE describes a link following vulnerability in Trend Micro Apex One security agent that allows a local attacker to escalate privileges on affect...
Jan 23, 2024This CVE describes a link following vulnerability in Trend Micro Apex One security agent that allows a local attacker to escalate privileges on affect...
Jan 23, 2024This vulnerability in Trend Micro Apex One agent allows a local attacker with low-privileged code execution to abuse the updater to delete arbitrary f...
Jan 23, 2024A local file inclusion vulnerability in Trend Micro Apex Central widgets could allow remote attackers to execute arbitrary code on affected systems. T...
Jan 23, 2024A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central allows an authenticated attacker to make requests to...
Jan 23, 2024This CVE describes a link following vulnerability in Trend Micro Deep Security 20.0 and Cloud One - Endpoint and Workload Security Agent that allows l...
Jan 23, 2024This CVE describes an origin validation vulnerability in Trend Micro Apex One security agent that allows a local attacker with low-privileged code exe...
Jan 23, 2024This CVE describes an origin validation vulnerability in Trend Micro Apex One security agent that allows a local attacker to escalate privileges on af...
Jan 23, 2024This CVE describes a local privilege escalation vulnerability in Trend Micro Apex One security agent where an attacker with low-privileged access can ...
Jan 23, 2024This CVE describes an origin validation vulnerability in Trend Micro Apex One security agent that allows local attackers to escalate privileges on aff...
Jan 23, 2024A local privilege escalation vulnerability in Trend Micro Apex One's plug-in manager allows attackers with initial low-privileged access to elevate th...
Jan 23, 2024This is an untrusted search path vulnerability in Trend Micro Apex One and Apex One as a Service security agents that allows local attackers to escala...
Jun 26, 2023This vulnerability in Trend Micro Apex One and Apex One as a Service allows a local attacker with low-privileged code execution to escalate privileges...
Jun 26, 2023This vulnerability in Trend Micro Apex One and Apex One as a Service allows a local attacker with low-privileged code execution to escalate privileges...
Jun 26, 2023Why Monitor Trendmicro Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 98+ known vulnerabilities affecting Trendmicro products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Trendmicro packages in under 60 seconds. No agents required - completely agentless scanning that works across Trendmicro deployments.
Free vulnerability database: Access detailed information about every Trendmicro CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Trendmicro CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
