3
CVEs
0
Critical
1
High
0
KEV
1
PoC
0
Unpatched C/H
100.0%
Patch Rate
0.1%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
1
MEDIUM
1
LOW
0
Monthly CVE Trend
Affected Products (30)
Linux Kernel
27
Thinkcentre M625Q Firmware
17
Thinkcentre M80T Firmware
16
Thinkcentre M80S Firmware
16
Thinkcentre M90T Firmware
16
Thinkcentre M90S Firmware
16
Thinkcentre M70S Firmware
15
Ideacentre 5 14Iob6 Firmware
15
Thinkcentre M70Q Firmware
15
Thinkcentre M70T Firmware
15
Ideacentre 3 07Imb05 Firmware
15
Ideacentre G5 14Imb05 Firmware
15
Ideacentre Gaming 5 14Iob6 Firmware
15
Thinkcentre M75S Gen 2 Firmware
15
V30A 22Iml Firmware
15
Thinkcentre M80Q Firmware
15
V50A 22Imb Firmware
15
V50A 24Imb Firmware
15
V50T 13Imb Firmware
15
Thinkcentre M90Q Tiny Firmware
15
Thinkcentre M630E Firmware
15
Thinkcentre M70C Firmware
15
Ideacentre 5 14Imb05 Firmware
15
Thinkcentre M75N Firmware
15
V50S 07Imb Firmware
15
Thinkcentre M90A Firmware
15
Thinkcentre M75T Gen 2 Firmware
15
Ideacentre Creator 5 14Iob6 Firmware
15
V50T 13Imh Firmware
14
Ideacentre Gaming 5 17Iab7 Firmware
14
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-58583 | Local privilege escalation in the FluxInk (formerly Sunia SPB Peripheral) Color Management Driver TcnPeripheral64.sys version 1.0.7.2 lets a standard user map arbitrary physical memory via the \Device\PhysicalMemory object and gain kernel-level control. The flaw affects Lenovo systems shipping this signed color-management driver and is fixed in version 1.0.7.6. Publicly available exploit code exists; there is no public exploit identified as actively exploited (not in CISA KEV), though the vulnerability was reported by CISA (cisa-cg). | HIGH | 8.4 | 0.1% | 62 |
PoC
|
| CVE-2026-53305 | NULL pointer dereference in the Linux kernel's ps883x USB Type-C retimer driver causes a kernel Oops during device unbind, resulting in a denial of service. The ps883x_retimer_remove() function calls i2c_get_clientdata() to retrieve driver-private state, but i2c_set_clientdata() was never called during probe, leaving the pointer NULL; dereference at offset 0x20 triggers a fatal translation fault. Systems with ps883x retimer hardware running affected kernel versions are vulnerable when a privileged local user unbinds the driver via sysfs. No active exploitation is confirmed (no CISA KEV listing), and the EPSS score of 0.17% (6th percentile) reflects negligible real-world exploitation probability. | MEDIUM | 5.5 | 0.2% | 28 |
|
| CVE-2026-53348 | In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: fix NULL pointer dereference in sdca_dev_unregister_functions sdca_d | – | 0.1% | – |
|