CVE-2025-52458 arkcompiler_ets_runtime has an out-of-bounds write vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

CVE-2025-41432

The CVE-2025-41432 entry concerns OpenHarmony v5.1.0 and earlier, where the arkcompiler_ets_runtime component is affected. The vulnerability is described as an out-of-bounds write that enables a local attacker to achieve arbitrary code execution within pre-installed apps, under restricted conditi...

CVE-2025-25277 arkcompiler_ets_runtime has a type confusion vulnerability

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios...

CVE-2024-28951 Arkcompiler runtime has a use after free vulnerability

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free...