Lenovo
Products by Lenovo Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 16 vulnerabilities in Lenovo with an average score of 5.7 out of ten. Last year, in 2025, Lenovo had 26 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Lenovo in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 1.10.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 16 | 5.74 |
| 2025 | 26 | 6.83 |
| 2024 | 18 | 6.77 |
| 2023 | 25 | 7.07 |
| 2022 | 10 | 6.46 |
| 2021 | 10 | 6.47 |
| 2020 | 38 | 6.51 |
| 2019 | 12 | 7.18 |
| 2018 | 11 | 7.39 |
It may take a day or so for new Lenovo vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Lenovo Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-2640 | Mar 11, 2026 | **Lenovo PC Manager LPE: Authenticated User can Kill Privileged Proc** During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes. | |
| CVE-2026-1717 | Mar 11, 2026 | **Lenovo PP System Addin: Local Auth Process Termination via Input Validation** An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges. | |
| CVE-2026-1716 | Mar 11, 2026 | **Lenovo Vantage DeviceSettingsSystemAddin input val allows lcl reg key delete** An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges. | |
| CVE-2026-1715 | Mar 11, 2026 | **Lenovo Vantage Addin Lets Local Auth'd User Escalate Priv & Modify Reg** An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges. | |
| CVE-2026-1653 | Mar 11, 2026 | **Lenovo Virtual Bus Driver Divide-by-Zero Vulnerability (CVE-2026-1653)** A potential divide by zero vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to cause a Windows blue screen error. | |
| CVE-2026-1652 | Mar 11, 2026 | **Lenovo Virtual Bus Driver BOF in Smart Connect** A potential buffer overflow vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to corrupt memory and cause a Windows blue screen error. | |
| CVE-2026-0940 | Mar 11, 2026 | **Lenovo ThinkPad BIOS init flaw CVE-2026-0940** A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code. | And others... |
| CVE-2026-2368 | Mar 11, 2026 | **Lenovo Filez Improper Cert Validation (CVE-2026-2368)** An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to execute arbitrary code. | |
| CVE-2026-1068 | Mar 11, 2026 | **Lenovo Filez Improper Cert Validation (CVE-2026-1068)** An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to obtain sensitive user data from the application. | |
| CVE-2026-0520 | Mar 11, 2026 | **Lenovo FileZ Android App Authenticated Log File Data Disclosure** A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file. | |
| CVE-2025-14058 | Jan 14, 2026 | **Lenovo Tablet Auth Bypass: Obsolete Control Center Setting** A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the "Allow Control Center access when locked" option is disabled. | And others... |
| CVE-2026-0421 | Jan 14, 2026 | **Lenovo ThinkPad BIOS SecureBoot Disable Vulnerability** A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as On in the BIOS setup menu. This issue only affects systems where Secure Boot is set to User Mode. | And others... |
| CVE-2025-13455 | Jan 14, 2026 | **ThinkPlus Cfg Auth Bypass, Enables Untrusted Fingerprint Enrollment** A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint. | And others... |
| CVE-2025-13454 | Jan 14, 2026 | **Lenovo ThinkPlus Config Software Local Authenticated Info Disclosure** A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to gain access to sensitive device information. | And others... |
| CVE-2025-13453 | Jan 14, 2026 | **Lenovo ThinkPlus USB Drive Physical Read Vulnerability (CVE-2025-13453)** A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive. | And others... |
| CVE-2025-13154 | Jan 14, 2026 | **SmartPerformanceAddin LPE via Improper Link Follow in Lenovo Vantage** An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges. | |
| CVE-2025-13155 | Dec 10, 2025 | **Lenovo Baiying Client: Improper Permissions Enabling Privilege Escalation** An improper permissions vulnerability was reported in Lenovo Baiying Client that could allow a local authenticated user to execute code with elevated privileges. | |
| CVE-2025-13152 | Dec 10, 2025 | **Lenovo One Client DLL Hijacking (LPE)** A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges. | |
| CVE-2025-12046 | Dec 10, 2025 | **DLL Hijacking in Lenovo App Store & Browser enabling local code exec** A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions. | |
| CVE-2025-12048 | Nov 12, 2025 | **Lenovo Scanner Pro: Arbitrary File Upload RCE Vulnerability** An arbitrary file upload vulnerability was reported in the Lenovo Scanner Pro client during an internal security assessment that could allow remote code execution or unauthorized control of the affected system. | |
| CVE-2025-12047 | Nov 12, 2025 | **Local Network Disclosure in Lenovo Scanner Pro (CVE-2025-12047)** A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to disclose sensitive user files from the application. | |
| CVE-2025-10495 | Nov 12, 2025 | **Lenovo PC Manager/App Store/Browser/Legion Zone RCE via LAN** A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code. | And others... |
| CVE-2025-8485 | Nov 12, 2025 | **Privileged Escalation via Improper Permissions in Lenovo App Store** An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privileges during installation of an application. | |
| CVE-2025-8421 | Nov 12, 2025 | **Lenovo Dock Manager Improper Default Permission Log File Redirection** An improper default permission vulnerability was reported in Lenovo Dock Manager that, under certain conditions during installation, could allow an authenticated local user to redirect log files with elevated privileges. | |
| CVE-2025-11193 | Nov 03, 2025 | **Lenovo Tablet Local Authenticated Info Disclosure CVE-2025-11193** A potential vulnerability was reported in some Lenovo Tablets that could allow a local authenticated user or application to gain access to sensitive device specific information. | And others... |
| CVE-2025-10699 | Oct 15, 2025 | **Lenovo LeCloud client Info Disclosure Vulnerability (CVE-2025-10699)** A vulnerability was reported in the Lenovo LeCloud client application that, under certain conditions, could allow information disclosure. | |
| CVE-2025-10581 | Oct 15, 2025 | **DLL Hijack in Lenovo PC Manager (CVE-2025-10581)** A potential DLL hijacking vulnerability was discovered in the Lenovo PC Manager during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges. | |
| CVE-2025-9548 | Oct 15, 2025 | **Nullptr Deref in Lenovo Power Mgmt Driver Causes BSOD** A potential null pointer dereference vulnerability was reported in the Lenovo Power Management Driver that could allow a local authenticated user to cause a Windows blue screen error. | |
| CVE-2025-8486 | Oct 15, 2025 | **PC Manager Local Authenticated Code Execution (LPE)** A potential vulnerability was reported in PC Manager that could allow a local authenticated user to execute code with elevated privileges. | |
| CVE-2025-6026 | Oct 15, 2025 | **Lenovo UDC Improper Cert Validation Enables MITM of Encrypted Metadata** An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data. | |
| CVE-2025-8061 | Sep 11, 2025 | **Lenovo Dispatcher 3.0-3.1: Insufficient Access Control (Elevated Privileges)** A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated local user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected. This vulnerability does not affect systems when the Windows feature Core Isolation Memory Integrity is enabled. Lenovo systems preloaded with Windows 11 have this feature enabled by default. | |
| CVE-2025-8557 | Sep 11, 2025 | **Lenovo XClarity Orchestrator Local Network API Channel Abuse** An internal product security audit of Lenovo XClarity Orchestrator (LXCO) discovered the below vulnerability: An attacker with access to a device on the local Lenovo XClarity Orchestrator (LXCO) network segment may be able to manipulate the local device to create an alternate communication channel which could allow the attacker, under certain conditions, to directly interact with backend LXCO API services typically inaccessible to users. While access controls may limit the scope of interaction, this could result in unauthorized access to internal functionality or data. This issue is not exploitable from remote networks. | |
| CVE-2025-9214 | Sep 11, 2025 | **Lenovo Printer CUPS Service Missing Auth Leak** A missing authentication vulnerability was reported in some Lenovo printers that could allow a user to view limited device information or modify network settings via the CUPS service. | And others... |
| CVE-2025-9319 | Sep 11, 2025 | **Lenovo Wallpaper Client: Arbitrary Code Execution via Wallpaper Service** A potential vulnerability was reported in the Lenovo Wallpaper Client that could allow arbitrary code execution under certain conditions. | |
| CVE-2025-9201 | Sep 11, 2025 | **DLL Hijack in Lenovo Browser Enabling Privileged Code Exec** A potential DLL hijacking vulnerability was discovered in Lenovo Browser during an internal security assessment that could allow a local user to execute code with elevated privileges. | |
| CVE-2025-4371 | Aug 18, 2025 | **Lenovo 510/Performance FHD Webcam USB Firmware Write Vulnerability** A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection. | |
| CVE-2025-6230 | Jul 17, 2025 | **Lenovo Vantage Local SQLi Enables Elevated Code Execution** A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute limited SQLite commands. | |
| CVE-2025-6231 | Jul 17, 2025 | **Lenovo Vantage Config File Tampering Allows Local Privilege Escalation** An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying an application configuration file. | |
| CVE-2025-6232 | Jul 17, 2025 | **Lenovo Vantage LPE via Improper Reg Validation (CVE-2025-6232)** An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying specific registry locations. | |
| CVE-2025-1479 | May 30, 2025 | **Legion Space: Local Code Exec via Open Debug Interface** An open debug interface was reported in the Legion Space software included on certain Legion devices that could allow a local attacker to execute arbitrary code. | |
| CVE-2025-2501 | May 30, 2025 | **Lenovo PC Manager USP Privilege Escalation (CVE-2025-2501)** An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges. | |
| CVE-2025-2502 | May 30, 2025 | **Lenovo PC Manager Improper Default Permission Elevation Privilege** An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges. | |
| CVE-2024-5474 | Oct 11, 2024 | **Lenovo Dolby Vision Prov. <2.0.0.2: Local Info Disclosure via Packaging** A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package. Previously installed versions are not affected by this issue. | |
| CVE-2024-9046 | Oct 11, 2024 | **Lenovo stARstudio DLL Hijack allows local privilege escalation** A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-4132 | Oct 11, 2024 | **DLL Hijack in Lenovo Lock Screen Enables Local Privilege Escalation** A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-4131 | Oct 11, 2024 | **DLL Hijack in Lenovo Emulator Enables Local Priv Esc** A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-4089 | Oct 11, 2024 | **DLL Hijack in Lenovo Super File Enables Local Privilege Escalation** A DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-4130 | Oct 11, 2024 | **DLL Hijack in Lenovo App Store Enables Local Privilege Escalation** A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-45103 | Sep 13, 2024 | **Privilege Escalation: LXCA Admin Lets Unmanage Device via Web UI** A valid, authenticated LXCA user may be able to unmanage an LXCA managed device through the LXCA web interface without sufficient privileges. | |
| CVE-2024-45104 | Sep 13, 2024 | **Authenticated Non-Privileged User Gaining API Control in LXCA** A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call. | |