CVE-2025-10238

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

CVE-2025-10237

During an internal security assessment, a potential vulnerability was discovered in some ThinkPad embedded controller firmware that could allow a privileged local user to perform arbitrary reads or writes to privileged memory regions...

CVE-2025-10237

CVE-2025-10237 involves ThinkPad embedded controller firmware. A potential vulnerability could allow a privileged local user to perform arbitrary reads or writes to privileged memory regions. The available connected records confirm a LOCAL attack vector with HIGH impact on confidentiality, integr...

PT-2026-48431

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

EUVD-2026-11351

A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code...

Lenovo ThinkPad 缓冲区错误漏洞

Lenovo ThinkPad is a portable computer from Lenovo, a Chinese company. A security vulnerability exists in the Lenovo ThinkPad BIOS that stems from the presence of a stack-based buffer overflow vulnerability...