Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    5048 vulnerabilities by HUAWEI

    CVE-2026-41986 (GCVE-0-2026-41986)

    Vulnerability from nvd – Published: 2026-06-09 06:52 – Updated: 2026-06-09 13:05
    VLAI
    Summary
    Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-606 - Unchecked input for loop condition
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Affected: 5.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41986",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:05:29.592920Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:05:38.660Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "LOW",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-606",
                  "description": "CWE-606 Unchecked input for loop condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:52:59.371Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41986",
        "datePublished": "2026-06-09T06:52:59.371Z",
        "dateReserved": "2026-04-23T01:42:44.930Z",
        "dateUpdated": "2026-06-09T13:05:38.660Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41985 (GCVE-0-2026-41985)

    Vulnerability from nvd – Published: 2026-06-09 06:43 – Updated: 2026-06-09 13:06
    VLAI
    Summary
    UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41985",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:06:23.937016Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:06:37.264Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "UAF vulnerability in the package management module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service integrity."
                }
              ],
              "value": "UAF vulnerability in the package management module.\u00a0Impact: Successful exploitation of this vulnerability may affect service integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:43:49.237Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41985",
        "datePublished": "2026-06-09T06:43:49.237Z",
        "dateReserved": "2026-04-23T01:42:44.930Z",
        "dateUpdated": "2026-06-09T13:06:37.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41984 (GCVE-0-2026-41984)

    Vulnerability from nvd – Published: 2026-06-09 06:42 – Updated: 2026-06-09 13:02
    VLAI
    Summary
    UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41984",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:01:46.067052Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:02:13.804Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "UAF vulnerability in the package management module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service integrity."
                }
              ],
              "value": "UAF vulnerability in the package management module.\u00a0Impact: Successful exploitation of this vulnerability may affect service integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:42:20.086Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41984",
        "datePublished": "2026-06-09T06:42:20.086Z",
        "dateReserved": "2026-04-23T01:42:44.930Z",
        "dateUpdated": "2026-06-09T13:02:13.804Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41983 (GCVE-0-2026-41983)

    Vulnerability from nvd – Published: 2026-06-09 06:40 – Updated: 2026-06-09 13:07
    VLAI
    Summary
    DoS vulnerability in the browser kernel. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-399 - Resource Management Errors
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41983",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:06:56.750394Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:07:08.186Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "DoS vulnerability in the browser kernel.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "DoS vulnerability in the browser kernel.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-399",
                  "description": "CWE-399 Resource Management Errors",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:40:17.563Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41983",
        "datePublished": "2026-06-09T06:40:17.563Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:07:08.186Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41982 (GCVE-0-2026-41982)

    Vulnerability from nvd – Published: 2026-06-09 07:14 – Updated: 2026-06-09 12:55
    VLAI
    Summary
    Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Affected: 5.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41982",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:54:57.284423Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:55:08.985Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Race condition vulnerability in the IPC module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Race condition vulnerability in the IPC module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use after free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T07:14:01.042Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41982",
        "datePublished": "2026-06-09T07:14:01.042Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:55:08.985Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41981 (GCVE-0-2026-41981)

    Vulnerability from nvd – Published: 2026-06-09 07:11 – Updated: 2026-06-09 12:58
    VLAI
    Summary
    Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Affected: 5.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41981",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:58:28.056243Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:58:41.848Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds write vulnerability in the IPC module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Out-of-bounds write vulnerability in the IPC module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T07:11:15.271Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41981",
        "datePublished": "2026-06-09T07:11:15.271Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:58:41.848Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41977 (GCVE-0-2026-41977)

    Vulnerability from nvd – Published: 2026-06-09 07:00 – Updated: 2026-06-09 12:59
    VLAI
    Summary
    DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer overflow or wraparound
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41977",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:59:11.880350Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:59:21.495Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "DoS vulnerability in the log service.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "DoS vulnerability in the log service.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190 Integer overflow or wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T07:00:42.946Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41977",
        "datePublished": "2026-06-09T07:00:42.946Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:59:21.495Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41976 (GCVE-0-2026-41976)

    Vulnerability from nvd – Published: 2026-06-09 06:59 – Updated: 2026-06-09 12:59
    VLAI
    Summary
    Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41976",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:59:33.886930Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:59:43.591Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the audio framework.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the audio framework.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:59:07.915Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41976",
        "datePublished": "2026-06-09T06:59:07.915Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:59:43.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41974 (GCVE-0-2026-41974)

    Vulnerability from nvd – Published: 2026-06-09 06:57 – Updated: 2026-06-09 12:58
    VLAI
    Summary
    Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-264 - Permissions, Privileges, and Access Controls
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41974",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:58:00.934710Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:58:13.480Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in service notifications.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in service notifications.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.6,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-264",
                  "description": "CWE-264 Permissions, Privileges, and Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:57:37.012Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41974",
        "datePublished": "2026-06-09T06:57:37.012Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:58:13.480Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41973 (GCVE-0-2026-41973)

    Vulnerability from nvd – Published: 2026-06-09 06:56 – Updated: 2026-06-09 13:03
    VLAI
    Summary
    Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41973",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:03:25.767366Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:03:36.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in calls.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in calls.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-840",
                  "description": "CWE-840 Business Logic Errors",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:56:02.976Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41973",
        "datePublished": "2026-06-09T06:56:02.976Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:03:36.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41972 (GCVE-0-2026-41972)

    Vulnerability from nvd – Published: 2026-06-09 06:54 – Updated: 2026-06-09 13:04
    VLAI
    Summary
    Path traversal vulnerability in the SMS app. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Affected: 5.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41972",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:04:33.263836Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:04:42.956Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Path traversal vulnerability in the SMS app.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Path traversal vulnerability in the SMS app.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:54:24.215Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41972",
        "datePublished": "2026-06-09T06:54:24.215Z",
        "dateReserved": "2026-04-23T01:42:44.928Z",
        "dateUpdated": "2026-06-09T13:04:42.956Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41980 (GCVE-0-2026-41980)

    Vulnerability from nvd – Published: 2026-06-09 03:51 – Updated: 2026-06-09 13:25
    VLAI
    Summary
    Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41980",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:25:27.919825Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:25:45.371Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the file preview module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the file preview module.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T03:51:43.467Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41980",
        "datePublished": "2026-06-09T03:51:43.467Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:25:45.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41979 (GCVE-0-2026-41979)

    Vulnerability from nvd – Published: 2026-06-09 03:50 – Updated: 2026-06-09 13:30
    VLAI
    Summary
    Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-701 - Weaknesses Introduced During Design
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41979",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:30:00.845865Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:30:12.831Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the print module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the print module.\u00a0Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-701",
                  "description": "CWE-701 Weaknesses Introduced During Design",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T03:50:25.589Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41979",
        "datePublished": "2026-06-09T03:50:25.589Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:30:12.831Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41978 (GCVE-0-2026-41978)

    Vulnerability from nvd – Published: 2026-06-09 03:48 – Updated: 2026-06-09 13:42
    VLAI
    Summary
    Permission control vulnerability in the clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41978",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:42:47.105012Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:42:55.342Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the clone module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the clone module.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T03:48:55.966Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41978",
        "datePublished": "2026-06-09T03:48:55.966Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:42:55.342Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41975 (GCVE-0-2026-41975)

    Vulnerability from nvd – Published: 2026-06-09 03:47 – Updated: 2026-06-09 13:50
    VLAI
    Summary
    Permission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-701 - Weaknesses Introduced During Design
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41975",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:50:33.502333Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:50:47.061Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission management vulnerability in the network management module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service integrity.\u0026nbsp;\u003cbr\u003e"
                }
              ],
              "value": "Permission management vulnerability in the network management module.\u00a0Impact: Successful exploitation of this vulnerability may affect service integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-701",
                  "description": "CWE-701 Weaknesses Introduced During Design",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T03:47:10.167Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41975",
        "datePublished": "2026-06-09T03:47:10.167Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:50:47.061Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41982 (GCVE-0-2026-41982)

    Vulnerability from cvelistv5 – Published: 2026-06-09 07:14 – Updated: 2026-06-09 12:55
    VLAI
    Summary
    Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Affected: 5.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41982",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:54:57.284423Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:55:08.985Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Race condition vulnerability in the IPC module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Race condition vulnerability in the IPC module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use after free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T07:14:01.042Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41982",
        "datePublished": "2026-06-09T07:14:01.042Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:55:08.985Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41981 (GCVE-0-2026-41981)

    Vulnerability from cvelistv5 – Published: 2026-06-09 07:11 – Updated: 2026-06-09 12:58
    VLAI
    Summary
    Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Affected: 5.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41981",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:58:28.056243Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:58:41.848Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds write vulnerability in the IPC module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Out-of-bounds write vulnerability in the IPC module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T07:11:15.271Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41981",
        "datePublished": "2026-06-09T07:11:15.271Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:58:41.848Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41977 (GCVE-0-2026-41977)

    Vulnerability from cvelistv5 – Published: 2026-06-09 07:00 – Updated: 2026-06-09 12:59
    VLAI
    Summary
    DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer overflow or wraparound
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41977",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:59:11.880350Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:59:21.495Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "DoS vulnerability in the log service.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "DoS vulnerability in the log service.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190 Integer overflow or wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T07:00:42.946Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41977",
        "datePublished": "2026-06-09T07:00:42.946Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:59:21.495Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41976 (GCVE-0-2026-41976)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:59 – Updated: 2026-06-09 12:59
    VLAI
    Summary
    Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41976",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:59:33.886930Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:59:43.591Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the audio framework.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the audio framework.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:59:07.915Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41976",
        "datePublished": "2026-06-09T06:59:07.915Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:59:43.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41974 (GCVE-0-2026-41974)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:57 – Updated: 2026-06-09 12:58
    VLAI
    Summary
    Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-264 - Permissions, Privileges, and Access Controls
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41974",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T12:58:00.934710Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T12:58:13.480Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in service notifications.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in service notifications.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.6,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-264",
                  "description": "CWE-264 Permissions, Privileges, and Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:57:37.012Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41974",
        "datePublished": "2026-06-09T06:57:37.012Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T12:58:13.480Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41973 (GCVE-0-2026-41973)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:56 – Updated: 2026-06-09 13:03
    VLAI
    Summary
    Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 4.3.1
    Affected: 4.3.0
    Affected: 4.2.0
    Affected: 4.0.0
    Create a notification for this product.
    Huawei EMUI Affected: 15.0.0
    Affected: 14.2.0
    Affected: 14.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41973",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:03:25.767366Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:03:36.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.3.1"
                },
                {
                  "status": "affected",
                  "version": "4.3.0"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EMUI",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.0.0"
                },
                {
                  "status": "affected",
                  "version": "14.2.0"
                },
                {
                  "status": "affected",
                  "version": "14.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in calls.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Permission control vulnerability in calls.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-840",
                  "description": "CWE-840 Business Logic Errors",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:56:02.976Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41973",
        "datePublished": "2026-06-09T06:56:02.976Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:03:36.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41972 (GCVE-0-2026-41972)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:54 – Updated: 2026-06-09 13:04
    VLAI
    Summary
    Path traversal vulnerability in the SMS app. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Affected: 5.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41972",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:04:33.263836Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:04:42.956Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Path traversal vulnerability in the SMS app.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Path traversal vulnerability in the SMS app.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:54:24.215Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41972",
        "datePublished": "2026-06-09T06:54:24.215Z",
        "dateReserved": "2026-04-23T01:42:44.928Z",
        "dateUpdated": "2026-06-09T13:04:42.956Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41986 (GCVE-0-2026-41986)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:52 – Updated: 2026-06-09 13:05
    VLAI
    Summary
    Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-606 - Unchecked input for loop condition
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Affected: 5.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41986",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:05:29.592920Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:05:38.660Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "LOW",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-606",
                  "description": "CWE-606 Unchecked input for loop condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:52:59.371Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41986",
        "datePublished": "2026-06-09T06:52:59.371Z",
        "dateReserved": "2026-04-23T01:42:44.930Z",
        "dateUpdated": "2026-06-09T13:05:38.660Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41985 (GCVE-0-2026-41985)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:43 – Updated: 2026-06-09 13:06
    VLAI
    Summary
    UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41985",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:06:23.937016Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:06:37.264Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "UAF vulnerability in the package management module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service integrity."
                }
              ],
              "value": "UAF vulnerability in the package management module.\u00a0Impact: Successful exploitation of this vulnerability may affect service integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:43:49.237Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41985",
        "datePublished": "2026-06-09T06:43:49.237Z",
        "dateReserved": "2026-04-23T01:42:44.930Z",
        "dateUpdated": "2026-06-09T13:06:37.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41984 (GCVE-0-2026-41984)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:42 – Updated: 2026-06-09 13:02
    VLAI
    Summary
    UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41984",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:01:46.067052Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:02:13.804Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "UAF vulnerability in the package management module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service integrity."
                }
              ],
              "value": "UAF vulnerability in the package management module.\u00a0Impact: Successful exploitation of this vulnerability may affect service integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:42:20.086Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41984",
        "datePublished": "2026-06-09T06:42:20.086Z",
        "dateReserved": "2026-04-23T01:42:44.930Z",
        "dateUpdated": "2026-06-09T13:02:13.804Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41983 (GCVE-0-2026-41983)

    Vulnerability from cvelistv5 – Published: 2026-06-09 06:40 – Updated: 2026-06-09 13:07
    VLAI
    Summary
    DoS vulnerability in the browser kernel. Impact: Successful exploitation of this vulnerability may affect availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-399 - Resource Management Errors
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41983",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:06:56.750394Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:07:08.186Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "DoS vulnerability in the browser kernel.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect availability."
                }
              ],
              "value": "DoS vulnerability in the browser kernel.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-399",
                  "description": "CWE-399 Resource Management Errors",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T06:40:17.563Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinwearables/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41983",
        "datePublished": "2026-06-09T06:40:17.563Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:07:08.186Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41980 (GCVE-0-2026-41980)

    Vulnerability from cvelistv5 – Published: 2026-06-09 03:51 – Updated: 2026-06-09 13:25
    VLAI
    Summary
    Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41980",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:25:27.919825Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:25:45.371Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the file preview module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the file preview module.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T03:51:43.467Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinvision/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41980",
        "datePublished": "2026-06-09T03:51:43.467Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:25:45.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41979 (GCVE-0-2026-41979)

    Vulnerability from cvelistv5 – Published: 2026-06-09 03:50 – Updated: 2026-06-09 13:30
    VLAI
    Summary
    Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-701 - Weaknesses Introduced During Design
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41979",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:30:00.845865Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:30:12.831Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the print module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the print module.\u00a0Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-701",
                  "description": "CWE-701 Weaknesses Introduced During Design",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T03:50:25.589Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41979",
        "datePublished": "2026-06-09T03:50:25.589Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:30:12.831Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41978 (GCVE-0-2026-41978)

    Vulnerability from cvelistv5 – Published: 2026-06-09 03:48 – Updated: 2026-06-09 13:42
    VLAI
    Summary
    Permission control vulnerability in the clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41978",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:42:47.105012Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:42:55.342Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission control vulnerability in the clone module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service confidentiality."
                }
              ],
              "value": "Permission control vulnerability in the clone module.\u00a0Impact: Successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "CWE-275 Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T03:48:55.966Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41978",
        "datePublished": "2026-06-09T03:48:55.966Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:42:55.342Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41975 (GCVE-0-2026-41975)

    Vulnerability from cvelistv5 – Published: 2026-06-09 03:47 – Updated: 2026-06-09 13:50
    VLAI
    Summary
    Permission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-701 - Weaknesses Introduced During Design
    Assigner
    Impacted products
    Vendor Product Version
    Huawei HarmonyOS Affected: 6.1.0
    Affected: 6.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41975",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T13:50:33.502333Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-09T13:50:47.061Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HarmonyOS",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0"
                },
                {
                  "status": "affected",
                  "version": "6.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Permission management vulnerability in the network management module.\u0026nbsp;Impact: Successful exploitation of this vulnerability may affect service integrity.\u0026nbsp;\u003cbr\u003e"
                }
              ],
              "value": "Permission management vulnerability in the network management module.\u00a0Impact: Successful exploitation of this vulnerability may affect service integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-701",
                  "description": "CWE-701 Weaknesses Introduced During Design",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T03:47:10.167Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "url": "https://consumer.huawei.com/en/support/bulletin/2026/6/"
            },
            {
              "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/6/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2026-41975",
        "datePublished": "2026-06-09T03:47:10.167Z",
        "dateReserved": "2026-04-23T01:42:44.929Z",
        "dateUpdated": "2026-06-09T13:50:47.061Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }