- How many CVEs does Lenovo have?
- Lenovo has 519 published CVE records since 2007, including 81 in the last two years.
- How many Lenovo CVEs are in CISA KEV?
- Yes — 1 of Lenovo's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which Lenovo products have the most CVEs?
- The Lenovo products with the most published CVEs are BIOS, xClarity Administrator, thinkcentre m625q, thinkcentre m625q firmware, ideacentre gaming 5-14iob6.
- What are the most common weakness types in Lenovo CVEs?
- Lenovo's CVEs most often map to these CWE weakness types: CWE-20 (Improper Input Validation), CWE-427 (Uncontrolled Search Path Element), CWE-276 (Incorrect Default Permissions), CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')).
- Are there public exploits for Lenovo vulnerabilities?
- Yes — 11 of Lenovo's CVEs have a known public exploit.
- How many critical Lenovo vulnerabilities are there?
- Lenovo has 19 critical and 243 high-severity CVEs.
- What is the average severity of Lenovo CVEs?
- The average CVSS base score across Lenovo's scored CVEs is 7.0.