| Metric | Value |
|---|---|
| CVEs | 31 |
| Critical | 0 |
| High | 16 |
| In CISA KEV | 0 |
| Public PoC | 0 |
| Unpatched Critical/High | 11 |
| Patch rate | 38.7% |
| Average EPSS | 0.0% |
Severity Breakdown: Critical 0, High 16, Medium 14, Low 0 (the remaining CVE of the 31 carries no severity rating on the page).
Monthly CVE Trend (chart not reproduced in this text)
Affected Products (8) (product list not reproduced in this text)
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-6281 | Remote command execution in Lenovo Personal Cloud Storage devices (T1, T2, T2S, T2Pro, X1, X1S, A1, A1S, and Home Storage Hub T20/X20) allows authenticated users on the local network to execute arbitrary commands via OS command injection (CWE-78). The CVSS v4.0 score of 8.7 reflects complete system compromise potential (VC:H/VI:H/VA:H) over the network with low complexity, but requires low-privilege authentication (AV:N/AC:L/PR:L). No evidence of active exploitation (not in CISA KEV) and no public exploit code identified at time of analysis. Lenovo has issued advisories including end-of-life notices for certain models (T1), so some affected products may never receive patches. | HIGH | 8.7 | 0.2% | 44 | |
| CVE-2026-6282 | Path traversal in Lenovo Personal Cloud Storage devices allows authenticated remote attackers to move or access files belonging to other users on the same device, enabling unauthorized data disclosure and modification across user boundaries. Affects multiple product lines including Personal Cloud (T1, T2, T2S, T2Pro, X1, X1S, A1, A1S) and Home Storage Hub (T20, X20). CVSS 8.6 reflects high confidentiality and integrity impact with low attack complexity. No active exploitation confirmed in CISA KEV at time of analysis; EPSS data was not yet available for this 2026 CVE identifier when the summary was written. | HIGH | 8.6 | 0.1% | 43 | |
| CVE-2025-2501 | An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges. Rated high severity (CVSS 8.5) with low attack complexity. No vendor patch available. | HIGH | 8.5 | 0.1% | 43 | No patch |
| CVE-2025-2502 | An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges. Rated high severity (CVSS 8.5) with low attack complexity. No vendor patch available. | HIGH | 8.5 | 0.1% | 43 | No patch |
| CVE-2026-4145 | During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to … | HIGH | 8.5 | 0.0% | 43 | |
| CVE-2026-31587 | Use-after-free in the Linux kernel q6apm audio driver allows local authenticated attackers with low privileges to achieve arbitrary code execution, denial of service, or information disclosure, with high impact to confidentiality, integrity, and availability. The flaw is in the Qualcomm ASoC q6apm component registration code used in devices such as Lenovo 21N2ZC5PUS laptops. Vendor-released patches are available across multiple kernel version branches (6.12.83, 6.18.24, 6.19.14, 7.0.1). The EPSS score of 0.02% (5th percentile) indicates a low probability of mass exploitation despite the high CVSS of 7.8; no confirmed active exploitation or public PoC was identified at time of analysis. | HIGH | 7.8 | 0.0% | 39 | |
| CVE-2026-4134 | During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that, during installation, could allow a local … | HIGH | 7.0 | 0.0% | 35 | |
| CVE-2025-2503 | An improper permission handling vulnerability was reported in Lenovo PC Manager that could allow a local attacker to perform arbitrary file deletions as an elevated user. Rated medium severity (CVSS 6.9) with low attack complexity. No vendor patch available. | MEDIUM | 6.9 | 0.1% | 35 | No patch |
| CVE-2026-1715 | Lenovo Vantage and Baiying DeviceSettingsSystemAddin contain an input validation flaw that allows authenticated local users to modify arbitrary registry keys with system-level privileges. This could enable privilege escalation or system configuration tampering by an attacker with local access. No patch is currently available. | MEDIUM | 6.9 | 0.0% | 35 | No patch |
| CVE-2026-1716 | Lenovo Vantage and Baiying DeviceSettingsSystemAddin contain an input validation flaw that allows authenticated local users to delete arbitrary registry keys with elevated privileges. On systems where users have local access this could let an attacker modify system configuration or disable security controls. No patch is currently available. | MEDIUM | 6.9 | 0.0% | 35 | No patch |
| CVE-2026-0827 | During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage … | MEDIUM | 6.9 | 0.0% | 35 | |
| CVE-2026-1717 | LenovoProductivitySystemAddin in Lenovo Vantage and Baiying contains an input validation flaw that enables local authenticated users to terminate arbitrary processes with elevated privileges. This medium-severity vulnerability (CVSS 6.8) requires local access and valid credentials but poses a significant availability risk. No patch is currently available. | MEDIUM | 6.8 | 0.0% | 34 | No patch |
| CVE-2025-71108 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability. The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set to zero. | MEDIUM | 5.5 | 0.1% | 28 | |
| CVE-2025-71297 | Kernel denial of service in the rtw88 WiFi driver (8822b chipset) allows local authenticated users to trigger a kernel WARNING and potential system instability by setting the antenna configuration while the wireless chip is powered off, which yields unexpected values when RF registers are read in the powered-down state. | MEDIUM | 5.5 | 0.0% | 28 | |
| CVE-2026-1636 | A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain conditions, could allow a local authenticated user t… | MEDIUM | 5.4 | 0.0% | 27 | |
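As an added example (not the dashboard's own code), the following Python script rebuilds the summary metrics from the rows in the table above and orders them for work. The rows are transcribed from the visible table only, so the computed totals cover 15 CVEs rather than the headline 31; the priority rule (CVSS x 5 rounded half up, which happens to reproduce the Priority column for every visible row) and the 10% EPSS cut-off are assumptions, not values published on the page.

```python
"""Triage helpers for a vendor CVE table (added example, not the dashboard's code).

ROWS is transcribed from the 15 rows visible on this page.  The dashboard counts
31 CVEs in total, so figures computed here cover the visible rows only and will
not equal the headline numbers (for example the 38.7% patch rate).
"""
from dataclasses import dataclass
from decimal import Decimal, ROUND_HALF_UP
from typing import Optional

# Assumption: EPSS below this is treated as "no exploitation signal" and the row is
# ordered by CVSS instead.  10% is a common operational cut-off, not a page value.
EPSS_SIGNAL = 0.10


@dataclass(frozen=True)
class Cve:
    cve_id: str
    severity: str            # CRITICAL / HIGH / MEDIUM / LOW
    cvss: str                # kept as text so Decimal arithmetic is exact
    epss: float              # probability of exploitation within 30 days, 0..1
    patched: Optional[bool]  # True: fix available; False: vendor says no patch; None: not stated
    in_kev: bool = False     # listed in CISA KEV
    public_poc: bool = False


# Transcribed from the table on this page (constructed input for this example).
ROWS = [
    Cve("CVE-2026-6281", "HIGH", "8.7", 0.002, None),
    Cve("CVE-2026-6282", "HIGH", "8.6", 0.001, None),
    Cve("CVE-2025-2501", "HIGH", "8.5", 0.001, False),
    Cve("CVE-2025-2502", "HIGH", "8.5", 0.001, False),
    Cve("CVE-2026-4145", "HIGH", "8.5", 0.0, None),
    Cve("CVE-2026-31587", "HIGH", "7.8", 0.0002, True),
    Cve("CVE-2026-4134", "HIGH", "7.0", 0.0, None),
    Cve("CVE-2025-2503", "MEDIUM", "6.9", 0.001, False),
    Cve("CVE-2026-1715", "MEDIUM", "6.9", 0.0, False),
    Cve("CVE-2026-1716", "MEDIUM", "6.9", 0.0, False),
    Cve("CVE-2026-0827", "MEDIUM", "6.9", 0.0, None),
    Cve("CVE-2026-1717", "MEDIUM", "6.8", 0.0, False),
    Cve("CVE-2025-71108", "MEDIUM", "5.5", 0.001, None),
    Cve("CVE-2025-71297", "MEDIUM", "5.5", 0.0, None),
    Cve("CVE-2026-1636", "MEDIUM", "5.4", 0.0, None),
]


def priority_score(cvss: str) -> int:
    """Assumed rule: CVSS x 5, rounded half up.  It reproduces the Priority column
    for every visible row (8.7 -> 44, 6.9 -> 35, 5.5 -> 28); the page does not
    publish the dashboard's real formula, so treat this as a stand-in."""
    return int((Decimal(cvss) * 5).quantize(Decimal("1"), rounding=ROUND_HALF_UP))


def severity_breakdown(rows) -> dict:
    counts = {"CRITICAL": 0, "HIGH": 0, "MEDIUM": 0, "LOW": 0}
    for r in rows:
        counts[r.severity] += 1
    return counts


def patch_rate(rows) -> float:
    """Percentage of rows with a confirmed fix.  Unknown status counts as unpatched,
    the conservative reading when the number feeds a patching SLA."""
    fixed = sum(1 for r in rows if r.patched is True)
    return round(100 * fixed / len(rows), 1)


def unpatched_critical_high(rows) -> list:
    """Critical/High rows the vendor has said will not (yet) get a patch.  Rows with
    no statement are excluded, so this is a lower bound on the real exposure."""
    return [r.cve_id for r in rows
            if r.severity in ("CRITICAL", "HIGH") and r.patched is False]


def triage_order(rows) -> list:
    """Work order: KEV entries first, then public PoC, then EPSS above the signal
    threshold, then CVSS, with raw EPSS as the final tie-breaker.  Evidence of
    real exploitation outranks a higher theoretical score."""
    def key(r):
        return (r.in_kev, r.public_poc, r.epss >= EPSS_SIGNAL, Decimal(r.cvss), r.epss)
    return [r.cve_id for r in sorted(rows, key=key, reverse=True)]


def work_queue(rows) -> list:
    """(cve_id, action) pairs in triage order.  A 'mitigate' item has no vendor fix
    and needs a compensating control (for the local privilege-escalation rows here:
    remove the utility or restrict interactive logon to the hosts that need it)."""
    by_id = {r.cve_id: r for r in rows}
    actions = {True: "patch", False: "mitigate", None: "verify vendor status"}
    return [(cve_id, actions[by_id[cve_id].patched]) for cve_id in triage_order(rows)]


if __name__ == "__main__":
    by_id = {r.cve_id: r for r in ROWS}
    print("severity:", severity_breakdown(ROWS))
    print("patch rate over visible rows: %.1f%%" % patch_rate(ROWS))
    print("unpatched critical/high:", unpatched_critical_high(ROWS))
    for cve_id, action in work_queue(ROWS):
        print(f"{cve_id:16} priority={priority_score(by_id[cve_id].cvss):3} {action}")
```

With every visible row below the EPSS cut-off and none in KEV, the order collapses to CVSS, which is why the two unpatched PC Manager issues sit directly under the two NAS bugs; raising `EPSS_SIGNAL` or adding a KEV flag changes the queue without touching the rest of the logic.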