lenovo

482 tracked vulnerabilities.

CVE-2026-6282 HIGH
Lenovo Personal Cloud T2s - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
May 13, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-6281 HIGH
Lenovo Personal Cloud T2s - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
May 13, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-4145 HIGH
Lenovo Software Fix <7.5.5.19 - Privilege Escalation
Apr 15, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-4135 MEDIUM
Lenovo Software Fix < 7.5.5.19 - Authenticated Arbitrary File Write via Improper Link Resolution
Apr 15, 2026
CVSS 6.6
EPSS 0.00
CVE-2026-4134 HIGH
Lenovo Software Fix <7.5.5.19 - Privilege Escalation
Apr 15, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-1636 MEDIUM
Lenovo Service Bridge <5.0.2.20 - Privilege Escalation
Apr 15, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-0827 HIGH
Lenovo Diagnostics < 5.26.0 and Lenovo Vantage < 4.7.1.4 - Authenticated Arbitrary File Write via Hardware Scan
Apr 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-1717 MEDIUM
Lenovo Vantage/Baiying - Privilege Escalation
Mar 11, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-1716 HIGH
Lenovo Vantage/Baiying - Privilege Escalation
Mar 11, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-1715 HIGH
Lenovo Vantage/Baiying - Privilege Escalation
Mar 11, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-0421 MEDIUM
Lenovo ThinkPad BIOS Secure Boot Bypass via Unchecked Return Value
Jan 14, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-14058 LOW
Lenovo Tab M11 TB330FU TB330XU < 17.0.284 - Missing Authentication for Control Center Settings
Jan 14, 2026
CVSS 3.2
EPSS 0.00
CVE-2025-13455 HIGH
ThinkPlus configuration software - Auth Bypass
Jan 14, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-13454 MEDIUM
Lenovo ThinkPlus FU100/FU200/TU800/TSD303 Firmware - Cleartext Transmission of Sensitive Information
Jan 14, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-13453 MEDIUM
Lenovo ThinkPlus FU100 FU200 TU800 TSD303 - Unprotected User Data Exposure via Missing Encryption
Jan 14, 2026
CVSS 4.6
EPSS 0.00
CVE-2025-13154 MEDIUM
Lenovo Vantage - Privilege Escalation
Jan 14, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-13155 HIGH
Lenovo Baiying Client - Privilege Escalation
Dec 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-13152 HIGH
Lenovo One Client - Privilege Escalation
Dec 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-12046 HIGH
Lenovo App Store/Browser - Privilege Escalation
Dec 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-8485 HIGH
Lenovo App Store < 9.0.2530.1027 - Authenticated Privilege Escalation via Improper Permissions
Nov 12, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-8421 MEDIUM
Lenovo Dock Manager - Privilege Escalation
Nov 12, 2025
CVSS 6.6
EPSS 0.00
CVE-2025-12048 HIGH
Lenovo Scanner Pro < 1.0.0.4 - Arbitrary File Upload
Nov 12, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-12047 MEDIUM
Lenovo Scanner pro - Info Disclosure
Nov 12, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-10495 HIGH
Lenovo App Store, PC Manager, Browser, and Legion Zone - Remote Code Execution via Improper Certificate Validation
Nov 12, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-11193 MEDIUM
Lenovo Tab M11 TB330FU TB330XU - Plaintext Storage of a Password
Nov 03, 2025
CVSS 5.5
EPSS 0.00
Products
thinkcentre_m625q_firmware 28 ideacentre_5-14iob6_firmware 27 ideacentre_g5-14imb05_firmware 27 ideacentre_gaming_5-14iob6_firmware 27 thinkcentre_m75n_firmware 27 v50t-13imb_firmware 27 xclarity_administrator 27 ideacentre_3-07imb05_firmware 26 ideacentre_c5-14imb05_firmware 26 ideacentre_creator_5-14iob6_firmware 26 thinkcentre_m75s_gen_2_firmware 26 thinkcentre_m75t_gen_2_firmware 26 v30a-22iml_firmware 26 v50s-07imb_firmware 26 ideacentre_3-07ada05_firmware 25 ideacentre_g5-14amr05_firmware 25 legion_t7-34imz5_firmware 25 thinkcentre_m70c_firmware 25 thinkcentre_m70q_firmware 25 thinkcentre_m80q_firmware 25 thinkcentre_m80s_firmware 25 thinkcentre_m80t_firmware 25 thinkcentre_m90a_firmware 25 thinkcentre_m90q_tiny_firmware 25 thinkcentre_m90s_firmware 25 thinkedge_se30_firmware 25 v30a-24iml_firmware 25 v50a-22imb_firmware 25 v50a-24imb_firmware 25 v55t_gen_2_13acn_firmware 25
Quick Filters
Critical CVEs With Exploits In CISA KEV