Local Data Exposure in Lenovo FileZ Android Application
CVE-2026-0520

2.4LOW

Key Information:

Vendor: Lenovo
Status: Filez
Vendor: CVE Published:; 11 March 2026

What is CVE-2026-0520?

A vulnerability exists in the Lenovo FileZ Android application that may allow a local authenticated user to access sensitive information stored in a log file. This exposure could potentially lead to unauthorized data retrieval, raising concerns for user privacy and application security. Proper mechanisms should be established to protect sensitive information and mitigate risks of local data access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FileZ Android 0 < 11.1.0.37

References

https://www.filez.com/securityPolicy

CVSS V4

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Mar 11, 2026
Vulnerability Reserved
Dec 16, 2025

Credit

Lenovo thanks Wanjie from Huazhong University of Science and Technology for reporting this issue.

JSON

Lenovo

What is CVE-2026-0520?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.