๐Ÿ” CVE Alert

CVE-2026-6511

MEDIUM 5.5
CVSS Score
5.5
EPSS Score
0.0%
EPSS Percentile
0th

During an internal security assessment, a potential improper access control vulnerability was discovered in Lenovo Smart Connect for Windows that could allow a local authenticated user to access files owned by a different user on the same system.

CWE CWE-306
Vendor lenovo
Product smart connect
Published Jul 16, 2026
Stay Ahead of the Next One

Get instant alerts for lenovo smart connect

Be the first to know when new medium vulnerabilities affecting lenovo smart connect are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Affected Versions

Lenovo / Smart Connect
0 < 09.0.2.003.000

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
support.lenovo.com: https://support.lenovo.com/us/en/product_security/LEN-218281 lenovo.com: https://www.lenovo.com/us/en/software/smart-connect