CVE-2026-27766

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak

MEDIUMMonitor

Published:May 19, 2026(Today)

Modified:May 19, 2026

Local AccessNo InteractionLow Complexity

AI Explanation

A local attacker can cause an information leak on OpenHarmony v6.0 and prior versions. This vulnerability allows an attacker to access sensitive information, potentially leading to further attacks. Developers should take steps to mitigate this vulnerability and protect user data.

▶Show original NVD description

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak.

Users of OpenHarmony v6.0 and prior versions are at medium risk of information leaks, which can compromise sensitive data and lead to further security issues.

Local AccessLow ComplexityLow PrivilegesNo User Interaction

Monitor & Review

Low severity — keep this CVE on your radar and patch during routine maintenance.

Patch Status:Not Available

What should I do?

No official patch is available yet — apply vendor workarounds if provided.
Review the affected versions below to confirm your exposure.
Monitor this CVE for patch releases and apply them as soon as available.

How to Fix

1Update OpenHarmony to the latest version, 2. Implement data encryption and access controls, 3. Limit local access to sensitive information

Timeline

Published
CVE disclosed publicly
May 19, 2026Today
Last Modified
Most recent update
May 19, 2026Today
Indexed to CVEInsight
Added to this platform
May 19, 2026Today

References

https://gitcode.com/openharmony/security/tree/master/zh/security-discl...

CVSS Score

v3.1

5.5/ 10.0

MEDIUM

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

At a Glance

Affected Products

References

CVE-2026-27766

AI Explanation

How to Fix

Timeline

References

CVSS Score

At a Glance

Official Sources

CVSS v3 Vector

Impact Analysis

CVE-2026-27766

✦ AI Explanation

How to Fix

Timeline

References

CVSS Score

At a Glance

Official Sources

CVSS v3 Vector

Impact Analysis

AI Explanation