CVE-2026-34865
Out-of-Bounds Write in WEB Module Affecting Availability, Confidentiality
Publication date: 2026-04-13
Last updated on: 2026-04-17
Assigner: Huawei Technologies
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| huawei | harmonyos | 6.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds write issue found in the WEB module. An out-of-bounds write occurs when a program writes data outside the boundaries of allocated memory, which can lead to unpredictable behavior.
How can this vulnerability impact me? :
Successful exploitation of this vulnerability can impact both the availability and confidentiality of the affected system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability impacts both availability and confidentiality, which are critical aspects of many compliance standards such as GDPR and HIPAA.
A successful exploitation could lead to unauthorized data exposure or service disruption, potentially causing non-compliance with regulations that require protection of personal data and system availability.