CVE-2026-6282 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: May 13, 2026
Lenovo Personal Cloud Storage - Path Traversal
Overview
Lenovo Personal Cloud Storage contains an improper file path validation vulnerability, letting remote authenticated users move or access files of other users on the same device, exploit requires authentication.
Severity & Score
Impact
Remote authenticated users can access or move other users' files, leading to data tampering and information disclosure.
Mitigation
Update to the latest available version.
Social Media Activity(2 posts)
š CVE-2026-6282 - High (8.1) A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device. š https://www.thehackerwire.com/vulnerability/CVE-2026-6282/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-6282 - High (8.1) A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device. š https://www.thehackerwire.com/vulnerability/CVE-2026-6282/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-6282
- Severity
- High
- CVSS Score
- 8.1
- Type
- path_traversal
- Status
- unconfirmed
- EPSS
- 6.1%
- Social Posts
- 2
CWE
- CWE-22
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N