CVE-2026-14371

The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands.

Credits

Lenovo thanks Kai Haung of Armadin for reporting this vulnerability.

References