Huawei Harmonyos
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Huawei Harmonyos.
By the Year
In 2026 there have been 99 vulnerabilities in Huawei Harmonyos with an average score of 5.8 out of ten. Last year, in 2025 Harmonyos had 189 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Harmonyos in 2026 could surpass last years number. Last year, the average CVE base score was greater by 0.38
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 99 | 5.80 |
| 2025 | 189 | 6.18 |
| 2024 | 187 | 6.55 |
| 2023 | 197 | 7.54 |
| 2022 | 257 | 7.54 |
| 2021 | 118 | 7.21 |
It may take a day or so for new Harmonyos vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Huawei Harmonyos Security Vulnerabilities
Huawei IPC module race condition impacting availability
CVE-2026-41982
6.4 - Medium
- June 09, 2026
Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability.
Dangling pointer
OOB Write in Huawei IPC Module (CVE-2026-41981)
CVE-2026-41981
5.3 - Medium
- June 09, 2026
Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability.
Heap-based Buffer Overflow
Denial of Service in Huawei Log Service
CVE-2026-41977
5 - Medium
- June 09, 2026
DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability.
Integer Overflow or Wraparound
Huawei Audio Framework Permission Control Vulnerability
CVE-2026-41976
6.6 - Medium
- June 09, 2026
Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission Issues
CVE-2026-41974: Permission Control Flaw in Huawei Service Notifications
CVE-2026-41974
3.6 - Low
- June 09, 2026
Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability.
Permissions, Privileges, and Access Controls
Huawei Telephony Calls permissioncontrol flaw (CVE202641973)
CVE-2026-41973
5.9 - Medium
- June 09, 2026
Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
Business Logic Errors
Path Traversal Vuln in Huawei SMS App - Availability Impact
CVE-2026-41972
5.4 - Medium
- June 09, 2026
Path traversal vulnerability in the SMS app. Impact: Successful exploitation of this vulnerability may affect availability.
Directory traversal
HUAWEI FS Logic Bypass Causing Availability Drop
CVE-2026-41986
2.4 - Low
- June 09, 2026
Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.
Unchecked Input for Loop Condition
UAF in Huawei Package Manager
CVE-2026-41985
5.1 - Medium
- June 09, 2026
UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
Authorization
UAF in Huawei Package Management Module
CVE-2026-41984
5.2 - Medium
- June 09, 2026
UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
Authorization
Huawei Browser Kernel DoS Exploit
CVE-2026-41983
4.3 - Medium
- June 09, 2026
DoS vulnerability in the browser kernel. Impact: Successful exploitation of this vulnerability may affect availability.
Resource Management Errors
Permission Control Vulnerability in Huawei File Preview Module
CVE-2026-41980
5.5 - Medium
- June 09, 2026
Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Information Disclosure
Huawei Print Module Permission Control Flaw (CVE-2026-41979)
CVE-2026-41979
5.5 - Medium
- June 09, 2026
Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality.
701
Permission Control Flaw in Huawei Clone Module
CVE-2026-41978
4.4 - Medium
- June 09, 2026
Permission control vulnerability in the clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission Issues
Huawei Network Management Module Permission Escalation
CVE-2026-41975
6.3 - Medium
- June 09, 2026
Permission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
701
Huawei Distributed File System Module OOB Write Vulnerability
CVE-2026-41970
6.8 - Medium
- May 15, 2026
Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability.
Memory Corruption
Huawei Projection Module: Permission Control Flaw
CVE-2026-41969
6.2 - Medium
- May 15, 2026
Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission Issues
Huawei manufacturability design module Permission Control Flaw
CVE-2026-41968
5.9 - Medium
- May 15, 2026
Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability.
Business Logic Errors
Huawei MD Module Permission Control Vulnerability (CVE-2026-41967)
CVE-2026-41967
5.9 - Medium
- May 15, 2026
Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability.
Business Logic Errors
Huawei Smart Sensing Service Permission Control Vulnerability
CVE-2026-41966
5.6 - Medium
- May 15, 2026
Permission control vulnerability in the smart sensing service. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Business Logic Errors
Huawei AppMgmt Module Permission Control Flaw with Confidentiality Impact
CVE-2026-41962
3.6 - Low
- May 15, 2026
Permission control vulnerability in the app management and control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permissions, Privileges, and Access Controls
Huawei Contacts Permission Control Vulnerability
CVE-2026-41961
5.9 - Medium
- May 15, 2026
Permission control vulnerability in contacts. Impact: Successful exploitation of this vulnerability may affect availability.
Business Logic Errors
Denial of Service - Huawei Calls Permission Control Vulnerability
CVE-2026-41960
5.8 - Medium
- May 15, 2026
Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
Information Disclosure
Huawei Security Control Module Permission Control Vulnerability
CVE-2026-41971
5.5 - Medium
- May 15, 2026
Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Business Logic Errors
Huawei web UAF vulnerability May lead to DoS
CVE-2026-41965
5.6 - Medium
- May 15, 2026
Use-After-Free (UAF) vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability.
Business Logic Errors
Stack Overflow Vulnerability in Huawei Media Platform (DoS)
CVE-2026-41963
2.8 - Low
- May 15, 2026
Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability.
Stack Overflow
Huawei Web UI Permission Control Vulnerability (CVE-2026-41964)
CVE-2026-41964
8.4 - High
- May 15, 2026
Permission control vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Huawei OOB Write in WEB Module (CVE-2026-34866)
CVE-2026-34866
5.1 - Medium
- April 13, 2026
Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Classic Buffer Overflow
Huawei WEB Module OOB Write CVE-2026-34865
CVE-2026-34865
- April 13, 2026
Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Heap-based Buffer Overflow
Boundary-UNL Vulnerability in Huawei App Read Module
CVE-2026-34864
6.8 - Medium
- April 13, 2026
Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability.
Buffer Overflow
Huawei FS OOB Write, Availability Impact
CVE-2026-34863
6.7 - Medium
- April 13, 2026
Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.
Memory Corruption
Race Condition in Huawei Power Consumption Stats Module
CVE-2026-34862
6.3 - Medium
- April 13, 2026
Race condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Huawei Thermal Management Module Race Condition Causing DoS
CVE-2026-34861
6.3 - Medium
- April 13, 2026
Race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Huawei Kernel Module UAF (CVE-2026-34859)
CVE-2026-34859
5.9 - Medium
- April 13, 2026
UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Dangling pointer
Huawei UAF in Communication Module (CVE-2026-34858)
CVE-2026-34858
4.1 - Medium
- April 13, 2026
UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Huawei UAF in Comm Module
CVE-2026-34857
4.7 - Medium
- April 13, 2026
UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
OOB Write in Huawei Kernel Module Enables DoS & Data Leak
CVE-2026-34855
5.7 - Medium
- April 13, 2026
Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Improper Input Validation
Huawei kernel module UAF vulnerability
CVE-2026-34854
5.7 - Medium
- April 13, 2026
UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Dangling pointer
Huawei Screen Manager UAF Causing Availability Impact
CVE-2026-34849
2.5 - Low
- April 13, 2026
UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Use-After-Free in Huawei Communication Module
CVE-2026-34856
7.3 - High
- April 13, 2026
UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Huawei LBS Perm Bypass (CVE-2026-34853)
CVE-2026-34853
7.7 - High
- April 13, 2026
Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability.
Privilege Context Switching Error
Improper Permission Control in Huawei Theme Setting Module
CVE-2026-28553
6.9 - Medium
- April 13, 2026
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission Issues
Huawei EMUI Multi-Mode Input System Double-Free Vulnerability
CVE-2026-34867
5.6 - Medium
- April 13, 2026
Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability.
Double-free
Access Control Bypass in Huawei Memo Module
CVE-2026-34860
4.1 - Medium
- April 13, 2026
Access control vulnerability in the memo module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Authorization
Stack overflow in Huawei MediaPlatform Component leads to DoS
CVE-2026-34852
6.1 - Medium
- April 13, 2026
Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability.
Infinite Loop
Huawei Event Notification Module Race Condition (CVE-2026-34851)
CVE-2026-34851
2.2 - Low
- April 13, 2026
Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Race Condition in Huawei Notification Service (CVE-2026-34850)
CVE-2026-34850
1.9 - Low
- April 13, 2026
Race condition vulnerability in the notification service. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Huawei HarmonyOS SysService Framework Permission Bypass
CVE-2026-28542
7.3 - High
- March 05, 2026
Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability.
Improper Handling of Exceptional Conditions
Huawei Email App Improper Verification may Expose Service Confidential
CVE-2026-28548
7.1 - High
- March 05, 2026
Vulnerability of improper verification in the email application. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Improper Privilege Management
Huawei Device Security Mgmt Module Race Condition
CVE-2026-28551
4.7 - Medium
- March 05, 2026
Race condition vulnerability in the device security management module. Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Huawei Harmonyos or by Huawei? Click the Watch button to subscribe.
