Known Vulnerabilities for System Update by Lenovo
Listed below are 10 of the newest known vulnerabilities associated with "System Update" by "Lenovo".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41208 json | Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/... | Not Provided | 2026-04-23 | 2026-04-23 |
| CVE-2026-41030 json | In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privil... | Not Provided | 2026-04-16 | 2026-04-16 |
| CVE-2026-40317 json | NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUse... | Not Provided | 2026-04-18 | 2026-04-20 |
| CVE-2026-40179 json | Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 ... | Not Provided | 2026-04-15 | 2026-04-16 |
| CVE-2026-39462 json | A vulnerability exists in SenseLive X3050’s web management interface in which password updates are not reliably applied du... | Not Provided | 2026-04-24 | 2026-04-23 |
| CVE-2026-39340 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, a SQL injection vulnerability exists in PropertyTypeEdi... | Not Provided | 2026-04-07 | 2026-04-08 |
| CVE-2026-39329 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, an SQL injection vulnerability was identified in /Event... | Not Provided | 2026-04-07 | 2026-04-07 |
| CVE-2026-36919 json | Sourcecodester Online Reviewer System v1.0 is vulnerale to SQL Injection in the file /system/system/admins/assessments/exampr... | Not Provided | 2026-04-13 | 2026-04-13 |
| CVE-2026-35372 json | A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --... | Not Provided | 2026-04-22 | 2026-04-22 |
| CVE-2026-34746 json | Payload is a free and open source headless content management system. Prior to version 3.79.1, an authenticated Server-Side R... | Not Provided | 2026-04-01 | 2026-04-02 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Lenovo | System Update | 5.07.0106 | |||
| Application | Lenovo | System Update | 5.07.0088 | |||
| Application | Lenovo | System Update | 5.07.0084 | |||
| Application | Lenovo | System Update | 5.07.0072 | |||
| Application | Lenovo | System Update | 5.07.0019 | |||
| Application | Lenovo | System Update | 5.07.0013 | |||
| Application | Lenovo | System Update | 5.07.0008 | |||
| Application | Lenovo | System Update | 5.06.0043 | |||
| Application | Lenovo | System Update | 5.06.0034 | |||
| Application | Lenovo | System Update | 5.06.0027 | |||
| Application | Lenovo | System Update | - |