Local DoS in OpenHarmony v6.0 and prior: CVE-2026-25110 May 2026

Sensors_medical_sensor has a NULL pointer dereference vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.

Vulnerability Analysis

CVE-2026-25110 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a small impact on availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

LOW

Weakness Type

NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.

Products Associated with CVE-2026-25110

Want to know whenever a new CVE is published for OpenHarmony? stack.watch will email you.

Local DoS in OpenHarmony v6.0 and prior
CVE-2026-25110 Published on May 19, 2026

Vulnerability Analysis

Weakness Type

NULL Pointer Dereference

Products Associated with CVE-2026-25110

Affected Versions

Local DoS in OpenHarmony v6.0 and priorCVE-2026-25110 Published on May 19, 2026

Vulnerability Analysis

Weakness Type

NULL Pointer Dereference

Products Associated with CVE-2026-25110

Affected Versions

Local DoS in OpenHarmony v6.0 and prior
CVE-2026-25110 Published on May 19, 2026