Huawei Harmonyos vulnerabilities

CVE-2026-34865 [CRITICAL] CWE-122 CVE-2026-34865: Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerab Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2026-34853 [HIGH] CWE-270 CVE-2026-34853: Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerabi Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34856 [HIGH] CWE-362 CVE-2026-34856: UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-28553 [MEDIUM] CWE-275 CVE-2026-28553: Vulnerability of improper permission control in the theme setting module. Impact: Successful exploit Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2026-34859 [MEDIUM] CWE-416 CVE-2026-34859: UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will a UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2026-34861 [MEDIUM] CWE-362 CVE-2026-34861: Race condition vulnerability in the thermal management module. Impact: Successful exploitation of th Race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34867 [MEDIUM] CWE-415 CVE-2026-34867: Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vu Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34858 [MEDIUM] CWE-362 CVE-2026-34858: UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34852 [MEDIUM] CWE-835 CVE-2026-34852: Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerab Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34855 [MEDIUM] CWE-20 CVE-2026-34855: Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vuln Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2026-34857 [MEDIUM] CWE-362 CVE-2026-34857: UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34863 [MEDIUM] CWE-787 CVE-2026-34863: Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulner Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34864 [MEDIUM] CWE-119 CVE-2026-34864: Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34866 [MEDIUM] CWE-120 CVE-2026-34866: Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerab Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2026-34854 [MEDIUM] CWE-416 CVE-2026-34854: UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will a UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2026-34860 [MEDIUM] CWE-284 CVE-2026-34860: Access control vulnerability in the memo module. Impact: Successful exploitation of this vulnerabili Access control vulnerability in the memo module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2026-34862 [MEDIUM] CWE-362 CVE-2026-34862: Race condition vulnerability in the power consumption statistics module. Impact: Successful exploita Race condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34849 [LOW] CWE-362 CVE-2026-34849: UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerabi UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34851 [LOW] CWE-362 CVE-2026-34851: Race condition vulnerability in the event notification module. Impact: Successful exploitation of th Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-34850 [LOW] CWE-362 CVE-2026-34850: Race condition vulnerability in the notification service. Impact: Successful exploitation of this vu Race condition vulnerability in the notification service. Impact: Successful exploitation of this vulnerability may affect availability.