Trendmicro Apex Central — known CVE vulnerabilities
Every CVE whose affected-product data names Trendmicro Apex Central, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (35)
CVE-2025-69258 — CVSS 9.8 (critical): A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL…
CVE-2025-49220 — CVSS 9.8 (critical): An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code…
CVE-2025-49219 — CVSS 9.8 (critical): An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could lead to a pre-authentication remote code…
CVE-2023-32530 — CVSS 8.8 (high): Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL…
CVE-2023-32529 — CVSS 8.8 (high): Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL…
CVE-2023-52324 — CVSS 8.8 (high): An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected…
CVE-2025-69260 — CVSS 7.5 (high): A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service…
CVE-2023-52325 — CVSS 7.5 (high): A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code…
CVE-2025-47865 — CVSS 7.5 (high): A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote…
CVE-2025-47867 — CVSS 7.5 (high): A Local File Inclusion vulnerability in a Trend Micro Apex Central widget in versions below 8.0.6955 could allow an attacker to include…
CVE-2025-69259 — CVSS 7.5 (high): A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service…
CVE-2023-52331 — CVSS 7.1 (high): A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with…
CVE-2025-30680 — CVSS 7.1 (high): A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certain…
CVE-2025-30679 — CVSS 6.5 (medium): A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to…
CVE-2025-30678 — CVSS 6.5 (medium): A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to…
CVE-2023-32533 — CVSS 6.1 (medium): Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an…
CVE-2023-32534 — CVSS 6.1 (medium): Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an…
CVE-2023-32532 — CVSS 6.1 (medium): Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an…
CVE-2023-52326 — CVSS 6.1 (medium): Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an…
CVE-2023-52327 — CVSS 6.1 (medium): Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an…
CVE-2023-52328 — CVSS 6.1 (medium): Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an…
CVE-2023-52329 — CVSS 6.1 (medium): Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an…
CVE-2023-32535 — CVSS 6.1 (medium): Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an…
CVE-2023-32531 — CVSS 6.1 (medium): Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an…
CVE-2021-25252 — CVSS 5.5 (medium): Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may…
CVE-2023-32604 — CVSS 5.4 (medium): Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS)…
CVE-2023-38624 — CVSS 5.4 (medium): A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow…
CVE-2023-38625 — CVSS 5.4 (medium): A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow…
CVE-2023-38626 — CVSS 5.4 (medium): A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow…
CVE-2023-38627 — CVSS 5.4 (medium): A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow…
CVE-2023-32605 — CVSS 5.4 (medium): Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS)…
CVE-2023-32536 — CVSS 5.4 (medium): Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS)…
CVE-2023-32537 — CVSS 5.4 (medium): Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS)…
CVE-2025-47866 — CVSS 4.3 (medium): An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload…