CVE-2026-24792

OpenHarmony vulnerability CVE-2026-24792 affects OpenHarmony v6.0 and earlier, involving a race condition in web_webview that allows a remote attacker to achieve arbitrary code execution in pre-installed apps. The description does not specify the exact root cause details, affected files/functions...

CVE-2025-52458

CVE-2025-52458 affects arkcompiler_ets_runtime in OpenHarmony v5.1.0 and earlier. The flaw is an out-of-bounds write that can enable a local attacker to execute arbitrary code in pre-installed apps, with exploitation limited to restricted scenarios. The description indicates local attack vector a...

EUVD-2022-45537

Malicious code in bioql PyPI...

EUVD-2025-24108

Malicious code in bioql PyPI...

EUVD-2025-24111

Malicious code in bioql PyPI...

EUVD-2025-24109

Malicious code in bioql PyPI...

CVE-2025-24925 applications_settings has a missing release of memory vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory...

CVE-2025-26691 telephony_call_manager has an improper preservation of permissions vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...

CVE-2024-21851

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow...

OpenHarmony 代码问题漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom OpenAtom Foundation. A code issue vulnerability exists in OpenHarmony 5.0.3 and earlier versions, which stems from a null pointer dereference that could lead to a denial of service...

OpenHarmony 安全漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v4.0.0 and prior versions. A local attacker exploited the vulnerability to cause a service crash via integer...

CVE-2023-0083

The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7 and prior versions has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash...

CVE-2023-24465 Communication Wi-Fi  subsystem has a null pointer reference vulnerability when receving external data.

Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior versions, OpenHarmony-v3.0.7 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause the current application to crash...

CVE-2022-41686 Out-of-bound memory read and write in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The proc ...

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmzuserdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading...

OpenHarmony 授权问题漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony v3.1.1 and earlier versions, which stems from the presence of a privilege bypass vulnerability that allows a LAN attacker to bypass...