TrendMicro
Products by TrendMicro Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 3 vulnerabilities in TrendMicro with an average score of 8.3 out of ten. Last year, in 2025, TrendMicro had 21 security vulnerabilities published. Right now, TrendMicro is on track to have fewer security vulnerabilities in 2026 than it did last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 1.49.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 8.27 |
| 2025 | 21 | 6.78 |
| 2024 | 60 | 7.08 |
| 2023 | 41 | 7.34 |
| 2022 | 34 | 7.24 |
| 2021 | 33 | 6.97 |
| 2020 | 38 | 6.54 |
| 2019 | 13 | 7.83 |
| 2018 | 46 | 8.07 |
It may take a day or so for new TrendMicro vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent TrendMicro Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2025-69260 | Jan 08, 2026 | **Trend Micro Apex Central OOB Read Exploitation Enables DOS** A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability. | |
| CVE-2025-69259 | Jan 08, 2026 | **Trend Micro Apex Central NULL-Return DoS Vulnerability (CVE-2025-69259)** A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability. | |
| CVE-2025-69258 | Jan 08, 2026 | **Trend Micro Apex Central LoadLibraryEx DLL Hijack (CVE-2025-69258)** A LoadLibraryEx vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations. | |
| CVE-2025-54987 | Aug 05, 2025 | **Trend Micro Apex One RCE via Pre-Auth Console Upload** A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture. | |
| CVE-2025-54948 | Aug 05, 2025 | **Trend Micro Apex One pre-auth upload** A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. | |
| CVE-2025-52837 | Jul 10, 2025 | **Link Following Privilege Escalation in Trend Micro Password Manager 5.8.0.1327** Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow an attacker the opportunity to abuse symbolic links and other methods to delete any file/folder and achieve privilege escalation. | |
| CVE-2025-30642 | Jun 17, 2025 | **Trend Micro Deep Security 20.0 Agents DoS via Link Following** A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2025-30640 | Jun 17, 2025 | **Trend Micro Deep Security 20.0 Agents: LPE via Link Following** A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2025-30680 | Jun 17, 2025 | **Trend Micro Apex Central SaaS SSRF -> Info Disclosure** A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations. Please note: this vulnerability only affects the SaaS instance of Apex Central - customers that automatically apply Trend Micro's monthly maintenance releases to the SaaS instance do not have to take any further action. | |
| CVE-2025-49157 | Jun 17, 2025 | **Local Privilege Escalation via Link-Follow in Apex One Damage Cleanup Engine** A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2025-49156 | Jun 17, 2025 | **Priv Esc via Link Follow in Trend Micro Apex One Scan Engine** A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2025-49155 | Jun 17, 2025 | **Trend Micro Apex One DLP Uncontrolled Search Path Allows Xec** An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to inject malicious code leading to arbitrary code execution on affected installations. | |
| CVE-2025-49154 | Jun 17, 2025 | **CVE-2025-49154: Trend Micro Apex One Local Access Control Exploit** An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2025-49220 | Jun 17, 2025 | **Trend Micro Apex Central <8.0.7007 insecure deserialization RCE** An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method. | |
| CVE-2025-49219 | Jun 17, 2025 | **Insecure deserialization TMC Apex Central <8.0.7007 enables pre-auth RCE** An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method. | |
| CVE-2025-47866 | Jun 17, 2025 | **Trend Micro Apex Central Widget v<8.0.6955 Unrestricted File Upload** An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affected installations. | |
| CVE-2025-47867 | Jun 17, 2025 | **LFI in Trend Micro Apex Central <8.0.6955 RCE** A Local File Inclusion vulnerability in a Trend Micro Apex Central widget in versions below 8.0.6955 could allow an attacker to include arbitrary files to execute as PHP code and lead to remote code execution on affected installations. | |
| CVE-2025-31285 | Apr 02, 2025 | **Broken ACL in Trend Vision One Role Name Enables Privilege Escalation** A broken access control vulnerability previously discovered in the Trend Vision One Role Name component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability. | |
| CVE-2025-31284 | Apr 02, 2025 | **Trend Vision One Status BRC Escalation by Admin User Creation** A broken access control vulnerability previously discovered in the Trend Vision One Status component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability. | |
| CVE-2025-31283 | Apr 02, 2025 | **Trend Vision One User Roles Broken Access Control Escalates Privileges** A broken access control vulnerability previously discovered in the Trend Vision One User Roles component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability. | |
| CVE-2025-31282 | Apr 02, 2025 | **Trend Vision One: Broken ACL in User Account Component** A broken access control vulnerability previously discovered in the Trend Vision One User Account component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability. | |
| CVE-2024-58105 | Mar 25, 2025 | **Trend Micro Apex One UI Manager Bypass Allows Local Execution** A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. This CVE addresses an additional bypass not covered in CVE-2024-58104. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-58104 | Mar 25, 2025 | **Trend Micro Apex One UI Manager LPE & Code Exec** A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2022-28339 | Feb 22, 2025 | **Trend Micro HouseCall 5.3.1302 Uncontrolled Search Path Element DLL PrivEsc** Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search path element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges. | |
| CVE-2024-55955 | Dec 31, 2024 | **Trend Micro Deep Security Agent Privilege Escalation Vulnerability** An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-55917 | Dec 31, 2024 | **Trend Micro Apex One Origin Validation Error Privilege Escalation** An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-55632 | Dec 31, 2024 | **Trend Micro Apex One Security Agent Link Following Privilege Escalation Vulnerability** A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-55631 | Dec 31, 2024 | **Trend Micro Apex One: Local Privilege Escalation via Engine Link Following** An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-52050 | Dec 31, 2024 | **Trend Micro Apex One LogServer Local Escalation via File Creation** A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-52047 | Dec 31, 2024 | **Trend Micro Apex One widget LFI allows RCE** A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-51503 | Nov 19, 2024 | **Trend Micro Deep Security 20 Agent: Command Injection Vulnerability in Security Agent Manual Scan** A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to remotely inject commands to other machines in the same domain. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability locally and must have domain user privileges to affect other machines. | |
| CVE-2024-45334 | Oct 22, 2024 | **Trend Micro Antivirus One v3.10.4 and Below: Arbitrary Config Update Vulnerability** Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions. | |
| CVE-2024-45335 | Oct 22, 2024 | **Trend Micro Antivirus One <=3.10.4 Bypass Scan via Crafted Virus** Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection. | |
| CVE-2024-46902 | Oct 22, 2024 | **Trend Micro DDI 5.8+ Data Disclosure via Admin Code Exec** A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability. | |
| CVE-2024-46903 | Oct 22, 2024 | **Trend Micro Deep Discovery Inspector 5.8+ Info Disclosure via Low Privilege Code** A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-39753 | Oct 22, 2024 | **Trend Micro Apex One modOSCE SQLi Allows RCE** A modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-41183 | Oct 22, 2024 | **Trend Micro VPN 5.8.1012: File Overwrite Priv Escalation** Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges. | |
| CVE-2024-48903 | Oct 22, 2024 | **Deep Security Agent 20: Improper Access Control, Local PrivEsc (CVE-2024-48903)** An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-48904 | Oct 22, 2024 | **Trend Micro Cloud Edge Remote Command Injection (CVE-2024-48904)** A command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to execute arbitrary code on affected appliances. Please note: authentication is not required in order to exploit this vulnerability. | |
| CVE-2024-36358 | Jun 10, 2024 | **Trend Micro Deep Security <=20.0.1-3180 Privilege Escalation via Link Following** A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-36359 | Jun 10, 2024 | **XSS Escalation in Trend Micro IWSVA 6.5 Web Security Virtual Appliance** A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-36306 | Jun 10, 2024 | **Local DoS via link following in Trend Micro Apex One DAMAGE Cleanup Engine** A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-36305 | Jun 10, 2024 | **Apex One LPE via Link-Follow Exploit (CVE-2024-36305)** A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-36302 | Jun 10, 2024 | **Trend Micro Apex One: Origin Validation flaw -> LPE** An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2024-36303. | |
| CVE-2024-36303 | Jun 10, 2024 | **Trend Micro Apex One PrivEsc via Origin Validation (CVE-2024-36303)** An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2024-36302. | |
| CVE-2024-37289 | Jun 10, 2024 | **Trend Micro Apex One Local Privilege Escalation via Access Control Bypass** An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-36473 | Jun 10, 2024 | **Trend Micro VPN Proxy One Pro <=5.8.1012 Local File Overwrite, DoS & Priv Esc** Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges. | |
| CVE-2024-36304 | Jun 10, 2024 | **Trend Micro APEX One Agent TOCTOU Privilege Escalation** A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |
| CVE-2024-32849 | Jun 10, 2024 | **Trend Micro Security 17.x PrivEsc: Local Attacker Deleting Privileged Files** Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. | |
| CVE-2024-36307 | Jun 10, 2024 | **Local attacker can obtain agent info via link following in Trend Micro Apex One** A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |