CVE-2026-0520

LOW 2.8

CVSS Score

2.8

EPSS Score

0.0%

EPSS Percentile

0th

A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file.

CWE	CWE-532
Vendor	lenovo
Product	filez
Published	Mar 11, 2026
Last Updated	Mar 12, 2026

Stay Ahead of the Next One

Get instant alerts for lenovo filez

Be the first to know when new low vulnerabilities affecting lenovo filez are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected Versions

Lenovo / FileZ

0 < 11.1.0.37

References

NVD ↗ CVE.org ↗ EPSS Data ↗

filez.com: https://www.filez.com/securityPolicy

Credits

Lenovo thanks Wanjie from Huazhong University of Science and Technology for reporting this issue.