CVE-2026-6282

🗓️ 13 May 2026 14:15:15Reported by lenovoType

Potential improper file path validation in Lenovo Personal Cloud Storage allows remote authenticated users to access or move other users' files.

Reporter	Title	Published	Views	Family All 7
ATTACKERKB	CVE-2026-6282	13 May 202614:15	–	attackerkb
CNNVD	Lenovo Personal Cloud Storage 路径遍历漏洞	13 May 202600:00	–	cnnvd
Cvelist	CVE-2026-6282	13 May 202614:15	–	cvelist
EUVD	EUVD-2026-30041	13 May 202618:30	–	euvd
NVD	CVE-2026-6282	13 May 202616:17	–	nvd
Positive Technologies	PT-2026-40699	13 May 202600:00	–	ptsecurity
Vulnrichment	CVE-2026-6282	13 May 202614:15	–	vulnrichment

Vulners

CNA

Node

lenovo home_storage_hub_x20Range≤5.4.4.020.1

lenovo personal_cloud_a1sRange≤5.5.6.a1s

lenovo personal_cloud_x1Range≤5.4.7.01.1

[
  {
    "vendor": "Lenovo",
    "product": "Personal Cloud T2s",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "5.5.6.t2s.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Lenovo",
    "product": "Personal Cloud T2Pro",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "5.4.8.t2pro.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Lenovo",
    "product": "Personal Cloud X1s",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "5.4.8.x1s.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Lenovo",
    "product": "Home Storage Hub T20",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "5.5.8.t20.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Lenovo",
    "product": "Home Storage Hub X20",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "5.4.4.x20.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Lenovo",
    "product": "Personal Cloud T1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "5.4.0.t1.6",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Lenovo",
    "product": "Personal Cloud A1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "5.4.2.a1.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Lenovo",
    "product": "Personal Cloud A1s",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "5.5.6.a1s",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Lenovo",
    "product": "Personal Cloud T2",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "5.4.5.t2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Lenovo",
    "product": "Personal Cloud X1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "5.4.7.x1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
pc	www.pc.lenovo.com.cn/tips/Ann/t1_eol.html
iknow	www.iknow.lenovo.com.cn/detail/440274

13 May 2026 16:27Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.18.1

CVSS 48.6

EPSS0.00068

SSVC

CWE-22