4
CVEs
0
Critical
0
High
0
KEV
0
PoC
0
Unpatched C/H
25.0%
Patch Rate
0.0%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
0
MEDIUM
4
LOW
0
Monthly CVE Trend
Affected Products (11)
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-1715 | Lenovo Vantage and Baiying DeviceSettingsSystemAddin contains an input validation flaw that allows authenticated local users to modify arbitrary registry keys with system-level privileges. This vulnerability could enable privilege escalation or system configuration tampering by an attacker with local access. No patch is currently available. | MEDIUM | 6.9 | 0.0% | 35 |
No patch
|
| CVE-2026-1716 | Lenovo Vantage and Baiying DeviceSettingsSystemAddin contain an input validation flaw that allows authenticated local users to delete arbitrary registry keys with elevated privileges. This vulnerability affects systems where users have local access and could enable attackers to modify system configuration or disable security controls. No patch is currently available. | MEDIUM | 6.9 | 0.0% | 35 |
No patch
|
| CVE-2026-1717 | LenovoProductivitySystemAddin in Lenovo Vantage and Baiying contains an input validation flaw that enables local authenticated users to terminate arbitrary processes with elevated privileges. This medium-severity vulnerability (CVSS 6.8) requires local access and valid credentials but poses a significant availability risk. No patch is currently available. | MEDIUM | 6.8 | 0.0% | 34 |
No patch
|
| CVE-2025-71108 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set to zero. | MEDIUM | 5.5 | 0.1% | 28 |
|