Product
CVE-2026-9046 describes an insecure permissions vulnerability in Lenovo's Legion Zone and Lenovo App Store Windows applications, distributed exclusively in the Chinese market, which, when installed on a non-system partition, allows a local low-privileged user to execute arbitrary code, leading to high impact on confidentiality, integrity, and availability.