OpenHarmony CVE-2026-25781 Allows Local DOS, Unrecoverable Impact

A critical denial-of-service vulnerability, CVE-2026-25781, has been identified in OpenHarmony v6.0 and earlier versions. This flaw, attributed to CWE-787 (Improper Neutralization of Special Elements used in a Command), allows a local attacker to trigger a denial of service that is unrecoverable, according to the National Vulnerability Database.

National Vulnerability Database analysis indicates a CVSS score of 8.4 (HIGH) for this vulnerability. The vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N highlights that the attack requires local access and low privileges, but its impact is severe, leading to complete system unavailability without recovery.

For defenders, this means any OpenHarmony device with local user access is at risk. The attacker’s calculus is straightforward: gain local access, execute the exploit, and render the device unusable. CISOs must prioritize patching and strictly control local access to these systems. The unrecoverable nature of the DoS means incident response will involve system re-provisioning, a costly and disruptive exercise.

What This Means For You

  • If your organization deploys OpenHarmony devices running v6.0 or prior, you must identify these assets immediately. Prioritize patching CVE-2026-25781 to mitigate the risk of unrecoverable denial of service. Review local access controls for all such devices.

Indicators of Compromise

ID | Type | Indicator
CVE-2026-25781 | DoS | OpenHarmony v6.0 and prior versions
CVE-2026-25781 | DoS | Local attacker
Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: May 19, 2026 at 07:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
