Zero Day MonitorZDM

← Back to list

7.1

CVE-2026-0827PATCHED

lenovo · diagnostics

CVE-2026-0827: During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareS

Description

During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage that, during installation or when using hardware scan, could allow a local authenticated user to perform an arbitrary file write with elevated privileges.

Affected Products

Vendor	Product	Versions
lenovo	diagnostics	0, 0

References

https://support.lenovo.com/us/en/product_security/LEN-210693

Related News (1 articles)

Tier C

VulDB36d ago

CVE-2026-0827 | Lenovo Diagnostics/Vantage prior 5.26.0 link following

→ No new info (linked only)

CVSS 3.17.1 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

5.26.04.7.1.4

CWECWE-59

PublishedApr 15, 2026

Last enriched35d agov2

Trending Score1

Source articles1

Independent1

Info Completeness8/14

Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

Lenovo LegionSpace 1.7.11.2 'DAService' Unquoted Service Path Vulnerability

NONECVE-2026-6281EXP

CVE-2026-6281: A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authentic

NONECVE-2026-6282EXP

CVE-2026-6282: A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that

HIGHCVE-2026-4145

CVE-2026-4145: During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow

HIGHCVE-2026-4134

CVE-2026-4134: During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during ins

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 15, 2026

Discovered by ZDM

Apr 15, 2026

Updated: severity

Apr 15, 2026

Patch Available

Apr 15, 2026

Version History

v2

Last enriched 35d ago

v2Tier C36d ago

Updated severity to CRITICAL and corrected exploit availability to false.

severity

via VulDB

v136d ago

Initial creation