CVE-2026-4145PATCHED

lenovo · software fix

CVE-2026-4145: During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow

Description

A vulnerability, which was classified as critical, was found in Lenovo Software Fix. The impacted element is an unknown function. Such manipulation leads to argument injection.

Affected Products

Vendor	Product	Versions
lenovo	software fix	0

References

https://support.lenovo.com/us/en/product_security/LEN-213829

Related News (1 articles)

Tier C

VulDB36d ago

CVE-2026-4145 | Lenovo Software Fix prior 7.5.5.19 argument injection

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

7.5.5.19

CWECWE-88

PublishedApr 15, 2026

Last enriched35d agov2

Trending Score1

Source articles1

Independent1

Info Completeness8/14

Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

PRE-CVE

Lenovo LegionSpace 1.7.11.2 'DAService' Unquoted Service Path Vulnerability

Trending: 19

NONECVE-2026-6281EXP

CVE-2026-6281: A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authentic

Trending: 12

NONECVE-2026-6282EXP

CVE-2026-6282: A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that

Trending: 12

HIGHCVE-2026-0827

CVE-2026-0827: During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareS

Trending: 1

HIGHCVE-2026-4134

CVE-2026-4134: During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during ins

Trending: 1

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 15, 2026

Discovered by ZDM

Apr 15, 2026

Patch Available

Apr 15, 2026

Updated: description, severity

Apr 15, 2026

Version History

Last enriched 35d ago

v2Tier C36d ago

Updated description with new technical details, changed severity to CRITICAL, and noted that no exploit is available.

descriptionseverity

via VulDB

v136d ago

Initial creation