Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2062 vulnerabilities found for EMUI by Huawei

    CVE-2026-41977 (GCVE-0-2026-41977)

    Vulnerability from nvd – Published: 2026-06-09 07:00 – Updated: 2026-06-09 12:59
    VLAI
    Summary
    DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer overflow or wraparound
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41977",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:59:11.880350Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:59:21.495Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "DoS vulnerability in the log service.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "DoS vulnerability in the log service.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190 Integer overflow or wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T07:00:42.946Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41977",
        "datePublished": "2026-06-09T07:00:42.946Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:59:21.495Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41976 (GCVE-0-2026-41976)

    Vulnerability from nvd – Published: 2026-06-09 06:59 – Updated: 2026-06-09 12:59
    VLAI
    Summary
    Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41976",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:59:33.886930Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:59:43.591Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the audio framework.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the audio framework.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:59:07.915Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41976",
        "datePublished": "2026-06-09T06:59:07.915Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:59:43.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41974 (GCVE-0-2026-41974)

    Vulnerability from nvd – Published: 2026-06-09 06:57 – Updated: 2026-06-09 12:58
    VLAI
    Summary
    Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-264 - Permissions, Privileges, and Access Controls
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41974",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:58:00.934710Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:58:13.480Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in service notifications.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in service notifications.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.6,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-264",
                  "description": "CWE-264 Permissions, Privileges, and Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:57:37.012Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41974",
        "datePublished": "2026-06-09T06:57:37.012Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:58:13.480Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41973 (GCVE-0-2026-41973)

    Vulnerability from nvd – Published: 2026-06-09 06:56 – Updated: 2026-06-09 13:03
    VLAI
    Summary
    Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41973",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:03:25.767366Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:03:36.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in calls.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in calls.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-840",
                  "description": "CWE-840 Business Logic Errors",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:56:02.976Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41973",
        "datePublished": "2026-06-09T06:56:02.976Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:03:36.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41970 (GCVE-0-2026-41970)

    Vulnerability from nvd – Published: 2026-05-15 09:33 – Updated: 2026-05-15 10:30
    VLAI
    Summary
    Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Affected: 3.1.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Affected: 13.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41970",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T10:29:58.989516Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T10:30:15.387Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                },
                {
                  "status": "affected",
                  "version": "13.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds write vulnerability in the distributed file system module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Out-of-bounds write vulnerability in the distributed file system module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T09:33:13.981Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/5/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/5/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41970",
        "datePublished": "2026-05-15T09:33:13.981Z",
        "dateReserved": "2026-04-23T01:42:44.928Z",
        "dateUpdated": "2026-05-15T10:30:15.387Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41969 (GCVE-0-2026-41969)

    Vulnerability from nvd – Published: 2026-05-15 09:31 – Updated: 2026-05-15 10:52
    VLAI
    Summary
    Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41969",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T10:52:04.462069Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T10:52:33.668Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the projection module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the projection module.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T09:31:18.940Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/5/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41969",
        "datePublished": "2026-05-15T09:31:18.940Z",
        "dateReserved": "2026-04-23T01:42:44.928Z",
        "dateUpdated": "2026-05-15T10:52:33.668Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41960 (GCVE-0-2026-41960)

    Vulnerability from nvd – Published: 2026-05-15 09:20 – Updated: 2026-05-15 11:02
    VLAI
    Summary
    Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41960",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T11:01:51.838838Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T11:02:05.990Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in calls.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in calls.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T09:20:56.896Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/5/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41960",
        "datePublished": "2026-05-15T09:20:56.896Z",
        "dateReserved": "2026-04-23T01:42:44.927Z",
        "dateUpdated": "2026-05-15T11:02:05.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34859 (GCVE-0-2026-34859)

    Vulnerability from nvd – Published: 2026-04-13 04:07 – Updated: 2026-04-13 13:27
    VLAI
    Summary
    UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.0
    Affected: 4.2.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34859",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T13:27:38.779665Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T13:27:45.919Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "UAF vulnerability in the kernel module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
                }
              ],
              "value": "UAF vulnerability in the kernel module.\nImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use after free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T04:07:39.550Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-34859",
        "datePublished": "2026-04-13T04:07:39.550Z",
        "dateReserved": "2026-03-31T01:11:13.701Z",
        "dateUpdated": "2026-04-13T13:27:45.919Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34855 (GCVE-0-2026-34855)

    Vulnerability from nvd – Published: 2026-04-13 04:03 – Updated: 2026-04-13 15:00
    VLAI
    Summary
    Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper input validation
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.0.0
    Affected: 5.1.0
    Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34855",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T15:00:37.990624Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T15:00:46.304Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                },
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds write vulnerability in the kernel module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
                }
              ],
              "value": "Out-of-bounds write vulnerability in the kernel module.\nImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper input validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T04:03:38.754Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-34855",
        "datePublished": "2026-04-13T04:03:38.754Z",
        "dateReserved": "2026-03-31T01:11:13.701Z",
        "dateUpdated": "2026-04-13T15:00:46.304Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34854 (GCVE-0-2026-34854)

    Vulnerability from nvd – Published: 2026-04-13 04:01 – Updated: 2026-04-13 15:01
    VLAI
    Summary
    UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.0.0
    Affected: 5.1.0
    Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34854",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T15:00:59.383442Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T15:01:06.879Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                },
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "UAF vulnerability in the kernel module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
                }
              ],
              "value": "UAF vulnerability in the kernel module.\nImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use after free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T04:01:47.279Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-34854",
        "datePublished": "2026-04-13T04:01:47.279Z",
        "dateReserved": "2026-03-31T01:11:13.700Z",
        "dateUpdated": "2026-04-13T15:01:06.879Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34853 (GCVE-0-2026-34853)

    Vulnerability from nvd – Published: 2026-04-13 03:54 – Updated: 2026-04-13 15:02
    VLAI
    Summary
    Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-270 - Privilege context switching error
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34853",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T15:01:59.538807Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T15:02:08.662Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission bypass vulnerability in the LBS module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission bypass vulnerability in the LBS module.\nImpact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-270",
                  "description": "CWE-270 Privilege context switching error",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T03:55:21.857Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-34853",
        "datePublished": "2026-04-13T03:54:55.483Z",
        "dateReserved": "2026-03-31T01:11:13.700Z",
        "dateUpdated": "2026-04-13T15:02:08.662Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28553 (GCVE-0-2026-28553)

    Vulnerability from nvd – Published: 2026-04-13 03:53 – Updated: 2026-04-13 15:02
    VLAI
    Summary
    Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28553",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T15:02:22.155523Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T15:02:31.882Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Vulnerability of improper permission control in the theme setting module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Vulnerability of improper permission control in the theme setting module.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T03:53:07.148Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-28553",
        "datePublished": "2026-04-13T03:53:07.148Z",
        "dateReserved": "2026-02-28T03:58:12.089Z",
        "dateUpdated": "2026-04-13T15:02:31.882Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28548 (GCVE-0-2026-28548)

    Vulnerability from nvd – Published: 2026-03-05 08:28 – Updated: 2026-03-05 14:51
    VLAI
    Summary
    Vulnerability of improper verification in the email application. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.2.0
    Affected: 4.0.0
    Affected: 3.1.0
    Affected: 2.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 14.2.0
    Affected: 14.0.0
    Affected: 13.0.0
    Affected: 12.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28548",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T14:50:57.161550Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T14:51:18.646Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                },
                {
                  "status": "affected",
                  "version": "13.0.0"
                },
                {
                  "status": "affected",
                  "version": "12.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Vulnerability of improper verification in the email application.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Vulnerability of improper verification in the email application.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T08:28:20.416Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/3/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-28548",
        "datePublished": "2026-03-05T08:28:20.416Z",
        "dateReserved": "2026-02-28T03:58:12.088Z",
        "dateUpdated": "2026-03-05T14:51:18.646Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28542 (GCVE-0-2026-28542)

    Vulnerability from nvd – Published: 2026-03-05 08:29 – Updated: 2026-03-05 14:42
    VLAI
    Summary
    Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-755 - Improper Handling of Exceptional Conditions
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.2.0
    Affected: 4.0.0
    Affected: 3.1.0
    Create a notification for this product.
    Huawei EMUI Affected: 14.2.0
    Affected: 14.0.0
    Affected: 13.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28542",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T14:41:59.478588Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T14:42:06.487Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                },
                {
                  "status": "affected",
                  "version": "13.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission bypass vulnerability in the system service framework.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission bypass vulnerability in the system service framework.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-755",
                  "description": "CWE-755 Improper Handling of Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T08:29:45.155Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/3/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/3/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-28542",
        "datePublished": "2026-03-05T08:29:45.155Z",
        "dateReserved": "2026-02-28T03:58:12.088Z",
        "dateUpdated": "2026-03-05T14:42:06.487Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28552 (GCVE-0-2026-28552)

    Vulnerability from nvd – Published: 2026-03-05 07:45 – Updated: 2026-03-05 15:41
    VLAI
    Summary
    Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-19 - Data Processing Errors
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.0.0
    Affected: 5.1.0
    Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28552",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T15:29:06.375574Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T15:41:13.000Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                },
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds write vulnerability in the IMS module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Out-of-bounds write vulnerability in the IMS module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-19",
                  "description": "CWE-19 Data Processing Errors",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T07:45:56.482Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/3/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/3/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/3/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-28552",
        "datePublished": "2026-03-05T07:45:56.482Z",
        "dateReserved": "2026-02-28T03:58:12.089Z",
        "dateUpdated": "2026-03-05T15:41:13.000Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41977 (GCVE-0-2026-41977)

    Vulnerability from cvelistv5 – Published: 2026-06-09 07:00 – Updated: 2026-06-09 12:59
    VLAI
    Summary
    DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer overflow or wraparound
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41977",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:59:11.880350Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:59:21.495Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "DoS vulnerability in the log service.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "DoS vulnerability in the log service.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190 Integer overflow or wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T07:00:42.946Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41977",
        "datePublished": "2026-06-09T07:00:42.946Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:59:21.495Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41976 (GCVE-0-2026-41976)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:59 – Updated: 2026-06-09 12:59
    VLAI
    Summary
    Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41976",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:59:33.886930Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:59:43.591Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the audio framework.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the audio framework.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:59:07.915Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41976",
        "datePublished": "2026-06-09T06:59:07.915Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:59:43.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41974 (GCVE-0-2026-41974)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:57 – Updated: 2026-06-09 12:58
    VLAI
    Summary
    Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-264 - Permissions, Privileges, and Access Controls
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41974",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:58:00.934710Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:58:13.480Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in service notifications.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in service notifications.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.6,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-264",
                  "description": "CWE-264 Permissions, Privileges, and Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:57:37.012Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41974",
        "datePublished": "2026-06-09T06:57:37.012Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:58:13.480Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41973 (GCVE-0-2026-41973)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:56 – Updated: 2026-06-09 13:03
    VLAI
    Summary
    Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41973",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:03:25.767366Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:03:36.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in calls.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in calls.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-840",
                  "description": "CWE-840 Business Logic Errors",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:56:02.976Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41973",
        "datePublished": "2026-06-09T06:56:02.976Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:03:36.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41970 (GCVE-0-2026-41970)

    Vulnerability from cvelistv5 – Published: 2026-05-15 09:33 – Updated: 2026-05-15 10:30
    VLAI
    Summary
    Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Affected: 3.1.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Affected: 13.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41970",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T10:29:58.989516Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T10:30:15.387Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                },
                {
                  "status": "affected",
                  "version": "13.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds write vulnerability in the distributed file system module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Out-of-bounds write vulnerability in the distributed file system module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T09:33:13.981Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/5/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/5/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41970",
        "datePublished": "2026-05-15T09:33:13.981Z",
        "dateReserved": "2026-04-23T01:42:44.928Z",
        "dateUpdated": "2026-05-15T10:30:15.387Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41969 (GCVE-0-2026-41969)

    Vulnerability from cvelistv5 – Published: 2026-05-15 09:31 – Updated: 2026-05-15 10:52
    VLAI
    Summary
    Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41969",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T10:52:04.462069Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T10:52:33.668Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the projection module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the projection module.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T09:31:18.940Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/5/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41969",
        "datePublished": "2026-05-15T09:31:18.940Z",
        "dateReserved": "2026-04-23T01:42:44.928Z",
        "dateUpdated": "2026-05-15T10:52:33.668Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41960 (GCVE-0-2026-41960)

    Vulnerability from cvelistv5 – Published: 2026-05-15 09:20 – Updated: 2026-05-15 11:02
    VLAI
    Summary
    Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41960",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T11:01:51.838838Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T11:02:05.990Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in calls.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in calls.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T09:20:56.896Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/5/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41960",
        "datePublished": "2026-05-15T09:20:56.896Z",
        "dateReserved": "2026-04-23T01:42:44.927Z",
        "dateUpdated": "2026-05-15T11:02:05.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34859 (GCVE-0-2026-34859)

    Vulnerability from cvelistv5 – Published: 2026-04-13 04:07 – Updated: 2026-04-13 13:27
    VLAI
    Summary
    UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.0
    Affected: 4.2.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34859",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T13:27:38.779665Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T13:27:45.919Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "UAF vulnerability in the kernel module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
                }
              ],
              "value": "UAF vulnerability in the kernel module.\nImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use after free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T04:07:39.550Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-34859",
        "datePublished": "2026-04-13T04:07:39.550Z",
        "dateReserved": "2026-03-31T01:11:13.701Z",
        "dateUpdated": "2026-04-13T13:27:45.919Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34855 (GCVE-0-2026-34855)

    Vulnerability from cvelistv5 – Published: 2026-04-13 04:03 – Updated: 2026-04-13 15:00
    VLAI
    Summary
    Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper input validation
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.0.0
    Affected: 5.1.0
    Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34855",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T15:00:37.990624Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T15:00:46.304Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                },
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds write vulnerability in the kernel module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
                }
              ],
              "value": "Out-of-bounds write vulnerability in the kernel module.\nImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper input validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T04:03:38.754Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-34855",
        "datePublished": "2026-04-13T04:03:38.754Z",
        "dateReserved": "2026-03-31T01:11:13.701Z",
        "dateUpdated": "2026-04-13T15:00:46.304Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34854 (GCVE-0-2026-34854)

    Vulnerability from cvelistv5 – Published: 2026-04-13 04:01 – Updated: 2026-04-13 15:01
    VLAI
    Summary
    UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.0.0
    Affected: 5.1.0
    Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34854",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T15:00:59.383442Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T15:01:06.879Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                },
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "UAF vulnerability in the kernel module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
                }
              ],
              "value": "UAF vulnerability in the kernel module.\nImpact: Successful exploitation of this vulnerability will affect availability and confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use after free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T04:01:47.279Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-34854",
        "datePublished": "2026-04-13T04:01:47.279Z",
        "dateReserved": "2026-03-31T01:11:13.700Z",
        "dateUpdated": "2026-04-13T15:01:06.879Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-34853 (GCVE-0-2026-34853)

    Vulnerability from cvelistv5 – Published: 2026-04-13 03:54 – Updated: 2026-04-13 15:02
    VLAI
    Summary
    Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-270 - Privilege context switching error
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-34853",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T15:01:59.538807Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T15:02:08.662Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission bypass vulnerability in the LBS module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission bypass vulnerability in the LBS module.\nImpact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-270",
                  "description": "CWE-270 Privilege context switching error",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T03:55:21.857Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-34853",
        "datePublished": "2026-04-13T03:54:55.483Z",
        "dateReserved": "2026-03-31T01:11:13.700Z",
        "dateUpdated": "2026-04-13T15:02:08.662Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28553 (GCVE-0-2026-28553)

    Vulnerability from cvelistv5 – Published: 2026-04-13 03:53 – Updated: 2026-04-13 15:02
    VLAI
    Summary
    Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28553",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T15:02:22.155523Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T15:02:31.882Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Vulnerability of improper permission control in the theme setting module.\u003cbr\u003eImpact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Vulnerability of improper permission control in the theme setting module.\nImpact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-13T03:53:07.148Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/4/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-28553",
        "datePublished": "2026-04-13T03:53:07.148Z",
        "dateReserved": "2026-02-28T03:58:12.089Z",
        "dateUpdated": "2026-04-13T15:02:31.882Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28542 (GCVE-0-2026-28542)

    Vulnerability from cvelistv5 – Published: 2026-03-05 08:29 – Updated: 2026-03-05 14:42
    VLAI
    Summary
    Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-755 - Improper Handling of Exceptional Conditions
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.2.0
    Affected: 4.0.0
    Affected: 3.1.0
    Create a notification for this product.
    Huawei EMUI Affected: 14.2.0
    Affected: 14.0.0
    Affected: 13.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28542",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T14:41:59.478588Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T14:42:06.487Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                },
                {
                  "status": "affected",
                  "version": "13.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission bypass vulnerability in the system service framework.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission bypass vulnerability in the system service framework.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-755",
                  "description": "CWE-755 Improper Handling of Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T08:29:45.155Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/3/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/3/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-28542",
        "datePublished": "2026-03-05T08:29:45.155Z",
        "dateReserved": "2026-02-28T03:58:12.088Z",
        "dateUpdated": "2026-03-05T14:42:06.487Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28548 (GCVE-0-2026-28548)

    Vulnerability from cvelistv5 – Published: 2026-03-05 08:28 – Updated: 2026-03-05 14:51
    VLAI
    Summary
    Vulnerability of improper verification in the email application. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.2.0
    Affected: 4.0.0
    Affected: 3.1.0
    Affected: 2.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 14.2.0
    Affected: 14.0.0
    Affected: 13.0.0
    Affected: 12.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28548",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T14:50:57.161550Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T14:51:18.646Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                },
                {
                  "status": "affected",
                  "version": "13.0.0"
                },
                {
                  "status": "affected",
                  "version": "12.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Vulnerability of improper verification in the email application.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Vulnerability of improper verification in the email application.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T08:28:20.416Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/3/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-28548",
        "datePublished": "2026-03-05T08:28:20.416Z",
        "dateReserved": "2026-02-28T03:58:12.088Z",
        "dateUpdated": "2026-03-05T14:51:18.646Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28552 (GCVE-0-2026-28552)

    Vulnerability from cvelistv5 – Published: 2026-03-05 07:45 – Updated: 2026-03-05 15:41
    VLAI
    Summary
    Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-19 - Data Processing Errors
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.0.0
    Affected: 5.1.0
    Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28552",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-05T15:29:06.375574Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-05T15:41:13.000Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                },
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds write vulnerability in the IMS module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Out-of-bounds write vulnerability in the IMS module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-19",
                  "description": "CWE-19 Data Processing Errors",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-05T07:45:56.482Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/3/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/3/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/3/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-28552",
        "datePublished": "2026-03-05T07:45:56.482Z",
        "dateReserved": "2026-02-28T03:58:12.089Z",
        "dateUpdated": "2026-03-05T15:41:13.000Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }