| Metric | Value |
|---|---|
| CVEs | 40 |
| Critical | 0 |
| High | 19 |
| KEV (CISA Known Exploited Vulnerabilities) | 0 |
| Public PoC | 0 |
| Unpatched Critical/High | 12 |
| Patch Rate | 45.0% |
| Avg EPSS | 0.0% |
Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 0 |
| HIGH | 19 |
| MEDIUM | 20 |
| LOW | 0 |
Monthly CVE Trend (chart; no data reproduced on this page)
Affected Products (8)
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-6281 | Remote command execution in Lenovo Personal Cloud Storage devices (T1, T2, T2S, T2Pro, X1, X1S, A1, A1S, and Home Storage Hub T20/X20) allows authenticated users on the local network to execute arbitrary commands via OS command injection (CWE-78). The CVSS v4.0 score of 8.7 reflects complete system compromise potential (VC:H/VI:H/VA:H) through a network attack with low complexity that requires low-privilege authentication (AV:N/AC:L/PR:L). No evidence of active exploitation (not in CISA KEV) or public exploit code identified at time of analysis. Lenovo has issued advisories including end-of-life notices for certain models (T1), indicating some affected products may not receive patches. | HIGH | 8.7 | 0.2% | 44 | |
| CVE-2026-6282 | Path traversal in Lenovo Personal Cloud Storage devices allows authenticated remote attackers to move or access files belonging to other users on the same device, enabling unauthorized data disclosure and modification across user boundaries. Affects multiple product lines including Personal Cloud (T1, T2, T2S, T2Pro, X1, X1S, A1, A1S) and Home Storage Hub (T20, X20). CVSS 8.6 reflects high confidentiality and integrity impact with low attack complexity. No active exploitation confirmed in CISA KEV at time of analysis, and EPSS data not available for this 2026 CVE identifier. | HIGH | 8.6 | 0.1% | 43 | |
| CVE-2024-12673 | An improper privilege vulnerability was reported in a BIOS customization feature of Lenovo Vantage on SMB notebook devices which could allow a local attacker to elevate privileges on the system. Rated high severity (CVSS 8.5) with low attack complexity. No vendor patch available. | HIGH | 8.5 | 0.1% | 43 | No patch |
| CVE-2025-2501 | An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges. Rated high severity (CVSS 8.5) with low attack complexity. No vendor patch available. | HIGH | 8.5 | 0.1% | 43 | No patch |
| CVE-2025-2502 | An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges. Rated high severity (CVSS 8.5) with low attack complexity. No vendor patch available. | HIGH | 8.5 | 0.1% | 43 | No patch |
| CVE-2026-4145 | During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to | HIGH | 8.5 | 0.0% | 43 | |
| CVE-2025-22020 | In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove. This fixes the following crash: | Rated high severity (CVSS 7.8) with low attack complexity. This use-after-free could allow attackers to access freed memory to execute arbitrary code or crash the application. | HIGH | 7.8 | 0.1% | 39 | |
| CVE-2025-21729 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion. The rtwdev->scanning flag isn't protected by mutex originally. Rated high severity (CVSS 7.8) with low attack complexity. This use-after-free could allow attackers to access freed memory to execute arbitrary code or crash the application. | HIGH | 7.8 | 0.0% | 39 | |
| CVE-2026-31587 | Use-after-free in the Linux kernel q6apm audio driver allows local authenticated attackers with low privileges to achieve arbitrary code execution, denial of service, or information disclosure with high impact to confidentiality, integrity, and availability. The flaw affects Qualcomm ASoC q6apm component registration code used in devices like Lenovo 21N2ZC5PUS laptops. Vendor-released patches are available across multiple kernel version branches (6.12.83, 6.18.24, 6.19.14, 7.0.1). EPSS score of 0.02% (5th percentile) indicates low probability of mass exploitation despite the high CVSS 7.8, with no confirmed active exploitation or public PoC identified at time of analysis. | HIGH | 7.8 | 0.0% | 39 | |
| CVE-2026-4134 | During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local | HIGH | 7.0 | 0.0% | 35 | |
| CVE-2025-2503 | An improper permission handling vulnerability was reported in Lenovo PC Manager that could allow a local attacker to perform arbitrary file deletions as an elevated user. Rated medium severity (CVSS 6.9) with low attack complexity. No vendor patch available. | MEDIUM | 6.9 | 0.1% | 35 | No patch |
| CVE-2026-1715 | Lenovo Vantage and Baiying DeviceSettingsSystemAddin contain an input validation flaw that allows authenticated local users to modify arbitrary registry keys with system-level privileges. This could enable privilege escalation or system configuration tampering by an attacker with local access. No patch is currently available. | MEDIUM | 6.9 | 0.0% | 35 | No patch |
| CVE-2026-1716 | Lenovo Vantage and Baiying DeviceSettingsSystemAddin contain an input validation flaw that allows authenticated local users to delete arbitrary registry keys with elevated privileges. It affects systems where users have local access and could enable attackers to modify system configuration or disable security controls. No patch is currently available. | MEDIUM | 6.9 | 0.0% | 35 | No patch |
| CVE-2026-0827 | During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantag | MEDIUM | 6.9 | 0.0% | 35 | |
| CVE-2026-1717 | LenovoProductivitySystemAddin in Lenovo Vantage and Baiying contains an input validation flaw that enables local authenticated users to terminate arbitrary processes with elevated privileges. This medium-severity vulnerability (CVSS 6.8) requires local access and valid credentials but poses a significant availability risk. No patch is currently available. | MEDIUM | 6.8 | 0.0% | 34 | No patch |
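For every row shown above, the Priority column equals round-half-up(CVSS × 5) (8.7 → 44, 8.5 → 43, 6.8 → 34), so it carries none of the KEV, PoC or "No patch" signals; an unpatched local privilege escalation in a Lenovo agent sits at the same priority as a fixed kernel bug with the same CVSS. The Python below is an added example, not the dashboard's own code: it transcribes the rows, checks that observation, and re-ranks so entries with no vendor fix surface first. The `remote` flag is read off each summary (AV:N or "remote" versus "local"); for CVE-2026-0827, whose summary is truncated, `local` is an assumption, and the re-ranking order is an illustration rather than a published formula.

```python
"""Triage pass over the dashboard's "Top Risky CVEs" table (added example).

ROWS is transcribed from the table above. Nothing here is the dashboard's own
scoring code; the CVSS*5 relationship is an observation about the rows shown.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Row:
    cve: str
    cvss: float      # CVSS column
    epss: float      # EPSS column, in percent as displayed
    priority: int    # Priority column
    no_patch: bool   # "No patch" present in the Signals column
    remote: bool     # True if the summary says network/remote, False if local


ROWS = [
    Row("CVE-2026-6281", 8.7, 0.2, 44, False, True),
    Row("CVE-2026-6282", 8.6, 0.1, 43, False, True),
    Row("CVE-2024-12673", 8.5, 0.1, 43, True, False),
    Row("CVE-2025-2501", 8.5, 0.1, 43, True, False),
    Row("CVE-2025-2502", 8.5, 0.1, 43, True, False),
    Row("CVE-2026-4145", 8.5, 0.0, 43, False, False),
    Row("CVE-2025-22020", 7.8, 0.1, 39, False, False),
    Row("CVE-2025-21729", 7.8, 0.0, 39, False, False),
    Row("CVE-2026-31587", 7.8, 0.0, 39, False, False),
    Row("CVE-2026-4134", 7.0, 0.0, 35, False, False),
    Row("CVE-2025-2503", 6.9, 0.1, 35, True, False),
    Row("CVE-2026-1715", 6.9, 0.0, 35, True, False),
    Row("CVE-2026-1716", 6.9, 0.0, 35, True, False),
    Row("CVE-2026-0827", 6.9, 0.0, 35, False, False),  # local is an assumption: summary truncated
    Row("CVE-2026-1717", 6.8, 0.0, 34, True, False),
]


def cvss_scaled_priority(cvss: float) -> int:
    """round-half-up(cvss * 5), done in integer tenths so 8.7 * 5 = 43.5 does
    not depend on binary float rounding."""
    tenths = round(cvss * 10)
    return (tenths * 5 + 5) // 10


def priority_mismatches(rows):
    """CVEs whose Priority differs from the CVSS-only rescaling.

    Empty for the rows above, which is the point: the column is CVSS restated
    on a 0-50 scale and does not move for KEV, PoC or missing patches."""
    return [r.cve for r in rows if cvss_scaled_priority(r.cvss) != r.priority]


def triage_order(rows):
    """Illustrative re-ranking: no vendor fix first (those need a compensating
    control, not a patch ticket), then network-reachable, then CVSS, then
    EPSS, with the CVE id as a stable tiebreak."""
    def key(r):
        return (not r.no_patch, not r.remote, -r.cvss, -r.epss, r.cve)
    return [r.cve for r in sorted(rows, key=key)]


def needs_compensating_control(rows):
    """Entries with no patch: all local privilege-escalation bugs in Lenovo
    management agents, where the practical mitigation is removing or
    restricting the component rather than waiting on a fix."""
    return [r.cve for r in rows if r.no_patch]


if __name__ == "__main__":
    print("priority != round(cvss*5):", priority_mismatches(ROWS))
    for i, cve in enumerate(triage_order(ROWS), 1):
        print(f"{i:2d}. {cve}")
    print("unpatched:", needs_compensating_control(ROWS))
```

With the transcribed rows, `priority_mismatches` returns an empty list, and `triage_order` moves the seven unpatched Lenovo Vantage / PC Manager / Baiying entries ahead of the two network-reachable NAS bugs, which the dashboard ranks highest on CVSS alone.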