trendmicro
CVE Numbering Authority
Latest CVE published
Overview
trendmicro is a CVE Numbering Authority that has published 490 CVE records since 2017. It is currently classified as active, with 74 CVEs published in the last two years. Its CVE data quality is graded D (60.2% overall completeness).
Among the 370 CNAs tracked here, trendmicro ranks #57 by CVE volume and reports more complete records than 15% of all CNAs.
Data quality report card
How complete and consistent trendmicro's CVE records are, scored across vendor, product, CVSS, and CWE coverage.
A CVE record only requires a description to be published. “Completeness” measures how often trendmicro also fills in the optional — but extremely useful — fields that make a vulnerability actually actionable: the affected vendor and product, a CVSS severity score, and a CWE weakness type. A higher score means more of this CNA’s CVEs include those details, so defenders spend less time enriching records by hand.
Report card grade
60.2%
Overall score
What these scores mean
- Vendor completeness
- The share of this CNA's CVEs that name an affected vendor.
- Product completeness
- The share that name a specific affected product.
- CVSS completeness
- The share that include a CVSS severity score.
- CWE completeness
- The share mapped to a CWE weakness type.
- Update rate
- How often this CNA revises CVE records after first publishing them.
- Vendor diversity
- How many distinct vendors this CNA publishes CVEs for.
Severity and exploitation
How the CVSS severity of trendmicro's published CVEs breaks down, and how many are known to be exploited in the wild.
In CISA’s Known Exploited Vulnerabilities catalog
12
12 of trendmicro's CVEs are confirmed exploited in the wild and carry a CISA remediation deadline.
Common weakness types
The CWE weakness categories trendmicro most often assigns to its CVEs. Follow any weakness to its full explanation.
- CWE-346Origin Validation Error22 CVEs
- CWE-59Improper Link Resolution Before File Access ('Link Following')16 CVEs
- CWE-269Improper Privilege Management16 CVEs
- CWE-427Uncontrolled Search Path Element9 CVEs
- CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')9 CVEs
- CWE-918Server-Side Request Forgery (SSRF)8 CVEs
- CWE-477Use of Obsolete Function7 CVEs
- CWE-367Time-of-check Time-of-use (TOCTOU) Race Condition6 CVEs
Publishing activity by year
How many CVEs trendmicro has published each year.
12-month change
How trendmicro's CVE data quality has shifted over the trailing year.
Previous grade
F
Current grade
C
Score change
49.7% → 78.8% (+29.1%)
Improved most in CVSS Completeness (+97.4 pts)
Top vendors
The vendors trendmicro publishes the most CVEs for.
- Trend Micro506 CVEs
- microsoft211 CVEs
- linux7 CVEs
- apple5 CVEs
- Google2 CVEs
- EMC1 CVEs
- netapp1 CVEs
- novell1 CVEs
Top products
The products trendmicro publishes the most CVEs for.
- windows211 CVEs
- Apex One180 CVEs
- Trend Micro Apex One150 CVEs
- officescan65 CVEs
- Worry-Free Business Security55 CVEs
- Trend Micro OfficeScan53 CVEs
- Trend Micro Worry-Free Business Security47 CVEs
- Trend Micro Apex One as a Service40 CVEs
Latest CVEs
The most recent CVEs assigned by trendmicro.
- CVE-2026-45208CWE-367High · CVSS 7.8EPSS 0.3%2026-05-21
- CVE-2026-45207CWE-346High · CVSS 7.8EPSS 0.2%2026-05-21
- CVE-2026-45206CWE-346High · CVSS 7.8EPSS 0.2%2026-05-21
- CVE-2026-34930CWE-346High · CVSS 7.8EPSS 0.2%2026-05-21
- CVE-2026-34929CWE-346High · CVSS 7.8EPSS 0.2%2026-05-21
- CVE-2026-34928CWE-346High · CVSS 7.8EPSS 0.2%2026-05-21
- CVE-2026-34927CWE-346High · CVSS 7.8EPSS 0.2%2026-05-21
- Medium · CVSS 6.7EPSS 12.7%2026-05-21
- CVE-2025-71217CWE-346High · CVSS 7.8EPSS 0.3%2026-05-21
- CVE-2025-71216CWE-367High · CVSS 7.8EPSS 0.3%2026-05-21
- CVE-2025-71215CWE-367High · CVSS 7.0EPSS 0.3%2026-05-21
- CVE-2025-71214CWE-346High · CVSS 7.8EPSS 0.4%2026-05-21
Track new trendmicro CVEs as they are published and get AI-written analysis and remediation guidance.
Monitor trendmicro CVEsOther CNAs
Compare data quality across other CVE Numbering Authorities.
Frequently asked questions
Common questions about the trendmicro CNA.
- What is the trendmicro CNA?
- trendmicro is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 490 CVE records since 2017.
- How many CVEs has trendmicro published?
- trendmicro has published 490 CVE records, including 74 in the last two years.
- What is trendmicro's CVE data quality grade?
- RadicalNotion.AI grades trendmicro's CVE data quality as D, with an overall completeness score of 60.2%. This reflects how consistently its CVE records include vendor (97.8%), product (98%), CVSS (15.1%), and CWE (30%) information.
- What products does trendmicro publish CVEs for?
- trendmicro most frequently publishes CVEs for windows, Apex One, Trend Micro Apex One, officescan, Worry-Free Business Security.
- Which vendors does trendmicro cover?
- trendmicro publishes CVEs across 3 distinct vendors, most often Trend Micro, microsoft, linux, apple, Google.
- Is trendmicro actively publishing CVEs?
- trendmicro is currently active, based on 74 CVEs in the last two years.
- What is the average severity of trendmicro's CVEs?
- The average CVSS base score across trendmicro's scored CVEs is 7.5.
- How many critical CVEs has trendmicro published?
- trendmicro has published 65 critical-severity CVEs and 308 high-severity CVEs.
- Are any of trendmicro's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- Yes. 12 of trendmicro's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
- What are the most common weakness types in trendmicro's CVEs?
- trendmicro's CVEs most often map to these CWE weakness types: CWE-346 (Origin Validation Error), CWE-59 (Improper Link Resolution Before File Access ('Link Following')), CWE-269 (Improper Privilege Management), CWE-427 (Uncontrolled Search Path Element).
- How does trendmicro rank among CNAs?
- By total CVE volume, trendmicro ranks #57 of 370 CNAs, and it reports more complete CVE records than 15% of all CNAs.
References
- Official CVE.org list of CNA partners (opens in a new tab)
- Learn: What is a CNA?
- CWE directory: the weakness types this CNA maps its CVEs to
CNA report-card grades are computed by RadicalNotion.AI from published CVE records. CVE data is sourced from the CVE Program.
Track trendmicro CVEs
Monitor new vulnerabilities as this CNA publishes them, with AI-written analysis and remediation guidance.