CVE-2026-8637

HIGH 7.8

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

A potential uncontrolled search path vulnerability was reported in the LanSchool Classic client application that could allow a local authenticated user to execute arbitrary code with elevated privileges.

CWE	CWE-427
Vendor	lenovo
Product	lanschool classic
Published	Jun 10, 2026

Stay Ahead of the Next One

Get instant alerts for lenovo lanschool classic

Be the first to know when new high vulnerabilities affecting lenovo lanschool classic are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Lenovo / LanSchool Classic

0 < 9.3.1.30

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.lenovo.com: https://support.lenovo.com/us/en/product_security/LEN-217400

Credits

Lenovo thanks Rafael Reis for reporting this vulnerability.