CVE-2026-10587

A potential out-of-bounds write vulnerability could allow a local privileged attacker to modify power management settings in System Management Mode.

Credits

Lenovo thanks 0xiviel/Eva Crystal (XSource Security) for reporting this vulnerability.

References