Lenovo FileZ app leaks sensitive data in rare circumstances

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.4

Lenovo FileZ app leaks sensitive data in rare circumstances

CVE-2026-0520

Summary

The Lenovo FileZ Android app stores sensitive data in a log file that can be accessed by a local user under specific conditions. This could lead to unauthorized access to sensitive information. Lenovo should be contacted to confirm the vulnerability and receive instructions on how to address it.

Original title

A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log...

Original description

nvd CVSS3.1 2.8

nvd CVSS4.0 2.4

Vulnerability type

CWE-532 Insertion of Sensitive Information into Log File

https://www.filez.com/securityPolicy

Published: 11 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026