Vendor Products CVEs KEV Avg EPSS Worst Severity 3 158 0 6.8% CRITICAL
CVE ID Description Severity CVSS KEV EPSS Published CVE-2026-0639 in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory. MEDIUM 5.5 — 5.0% Mar 16, 2026 CVE-2025-6969 in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input. MEDIUM 5.5 — 4.4% Mar 16, 2026 CVE-2025-52458 in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. HIGH 7.8 — 5.6% Mar 16, 2026 CVE-2025-41432 in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. HIGH 7.8 — 6.9% Mar 16, 2026 CVE-2025-26474 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios. LOW 3.3 — 3.5% Mar 16, 2026 CVE-2025-25277 in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios. HIGH 7.0 — 4.7% Mar 16, 2026 CVE-2025-12736 in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak through use of uninitialized resource. MEDIUM 6.5 — 6.3% Mar 16, 2026 CVE-2025-27577 in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. HIGH 7.0 — 0.9% Aug 11, 2025 CVE-2025-27562 in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. MEDIUM 5.5 — 1.6% Aug 11, 2025 CVE-2025-27536 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion. MEDIUM 5.5 — 1.6% Aug 11, 2025 CVE-2025-27128 in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. HIGH 7.8 — 3.3% Aug 11, 2025 CVE-2025-26690 in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. MEDIUM 5.5 — 1.6% Aug 11, 2025 CVE-2025-25278 in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. HIGH 7.0 — 1.2% Aug 11, 2025 CVE-2025-25212 in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input. MEDIUM 5.5 — 1.6% Aug 11, 2025 CVE-2025-24925 in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. MEDIUM 5.5 — 1.6% Aug 11, 2025 CVE-2025-24844 in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. MEDIUM 5.5 — 1.6% Aug 11, 2025 CVE-2025-24298 in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. HIGH 7.8 — 3.3% Aug 11, 2025 CVE-2025-27563 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. MEDIUM 5.5 — 1.5% Jun 8, 2025 CVE-2025-27247 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. MEDIUM 5.5 — 1.7% Jun 8, 2025 CVE-2025-27242 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. MEDIUM 5.5 — 1.8% Jun 8, 2025
Show all 100+ CVEs