CVE-2026-24928

CWE-680 CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 99.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Emui Huawei Harmonyos

Timeline

PublishedFeb 6

Description

Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:LExploitability: 1.0 | Impact: 4.7

Affected Packages4 packages

▶CVEListV5huawei/emui14.2.0

▶NVDhuawei/emui14.2.0

▶CVEListV5huawei/harmonyos4.2.0

▶NVDhuawei/harmonyos4.2.0

🔴Vulnerability Details

CVEList

CVE-2026-24928: Out-of-bounds write vulnerability in the file system module↗2026-02-06

▶

GHSA

GHSA-9ghp-m2hr-m2cj: Out-of-bounds write vulnerability in the file system module↗2026-02-06

▶