Huawei Harmonyos
1066 CVEs affecting Huawei Harmonyos. Latest disclosed: 2026-05-15. Critical: 5, High: 82.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-34157 | Critical | 10.0 | 2023-06-16 | Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app. |
CVE-2026-28536 | Critical | 9.6 | 2026-03-05 | Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confid… |
CVE-2025-64314 | Critical | 9.3 | 2025-11-28 | Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality. |
CVE-2024-42037 | Critical | 9.3 | 2024-08-08 | Vulnerability of uncaught exceptions in the Graphics module Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
CVE-2024-39671 | Critical | 9.3 | 2024-07-25 | Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
CVE-2025-54627 | High | 8.8 | 2025-08-06 | Out-of-bounds write vulnerability in the skia module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
CVE-2025-48906 | High | 8.8 | 2025-06-06 | Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2025-31173 | High | 8.8 | 2025-04-07 | Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentialit… |
CVE-2024-42038 | High | 8.8 | 2024-08-08 | Vulnerability of PIN enhancement failures in the screen lock module Impact: Successful exploitation of this vulnerability may affect service confidentiality, i… |
CVE-2024-58045 | High | 8.6 | 2025-03-04 | Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2024-54098 | High | 8.5 | 2024-12-12 | Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity. |
CVE-2026-41964 | High | 8.4 | 2026-05-15 | Permission control vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2026-24930 | High | 8.4 | 2026-02-06 | UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2026-24926 | High | 8.4 | 2026-02-06 | Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2025-68960 | High | 8.4 | 2026-01-14 | Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2025-68957 | High | 8.4 | 2026-01-14 | Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2025-66328 | High | 8.4 | 2025-12-08 | Multi-thread race condition vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect availability. |
CVE-2025-66324 | High | 8.4 | 2025-12-08 | Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integri… |
CVE-2025-58302 | High | 8.4 | 2025-11-28 | Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
CVE-2025-58303 | High | 8.4 | 2025-11-28 | UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability. |