Rule Update
26-017 (2026年4月28日)
2026年4月28日
概要
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1010214* - Identified ApexOne Backup Folder Access
Langflow
1012547* - Langflow Remote Code Execution Vulnerability (CVE-2026-0768)
Trend Micro Control Manager
1008799* - Control Manager 'cmdHandlerFileHandling' Directory Traversal Remote Code Execution Vulnerability (CVE-2017-11389)
Trend Micro ServerProtect EarthAgent
1011312* - Identified Usage Of ServerProtect Static Credential
WSO2
1012549 - WSO2 Multiple Products Arbitrary File Upload Vulnerability (CVE-2025-3125)
Web Client Internet Explorer/Edge
1001426* - Microsoft Internet Explorer OfficeScan Client ActiveX Control Buffer Overflow
Web Server HTTPS
1011349* - Apex Central And Control Manager Remote Code Execution Vulnerability (CVE-2022-26871)
1011768* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32531)
1011766* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32532)
1011767* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32533)
1011810* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32535)
Web Server SharePoint
1012542* - Microsoft SharePoint Server SQL Injection Vulnerability (CVE-2026-20947) - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1010214* - Identified ApexOne Backup Folder Access
Langflow
1012547* - Langflow Remote Code Execution Vulnerability (CVE-2026-0768)
Trend Micro Control Manager
1008799* - Control Manager 'cmdHandlerFileHandling' Directory Traversal Remote Code Execution Vulnerability (CVE-2017-11389)
Trend Micro ServerProtect EarthAgent
1011312* - Identified Usage Of ServerProtect Static Credential
WSO2
1012549 - WSO2 Multiple Products Arbitrary File Upload Vulnerability (CVE-2025-3125)
Web Client Internet Explorer/Edge
1001426* - Microsoft Internet Explorer OfficeScan Client ActiveX Control Buffer Overflow
Web Server HTTPS
1011349* - Apex Central And Control Manager Remote Code Execution Vulnerability (CVE-2022-26871)
1011768* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32531)
1011766* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32532)
1011767* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32533)
1011810* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32535)
Web Server SharePoint
1012542* - Microsoft SharePoint Server SQL Injection Vulnerability (CVE-2026-20947) - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.