CVE-2026-40515
Received Received - Intake

Permission Bypass in OpenHarness Allows Sensitive File Disclosure

Vulnerability report for CVE-2026-40515, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-17

Last updated on: 2026-04-24

Assigner: VulnCheck

Description

OpenHarness before commit bd4df81 contains a permission bypass vulnerability that allows attackers to read sensitive files by exploiting incomplete path normalization in the permission checker. Attackers can invoke the built-in grep and glob tools with sensitive root directories that are not properly evaluated against configured path rules, allowing disclosure of sensitive local file content, key material, configuration files, or directory contents despite configured path restrictions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-17
Last Modified
2026-04-24
Generated
2026-07-06
AI Q&A
2026-04-18
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
hkuds openharness to 2026-04-11 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

This vulnerability allows attackers to bypass permission checks and read sensitive files, including key material and configuration files, despite configured path restrictions.

Such unauthorized disclosure of sensitive local file content could lead to violations of data protection regulations and standards like GDPR and HIPAA, which require strict controls over access to sensitive data.

Therefore, exploitation of this vulnerability may result in non-compliance with these regulations due to unauthorized data exposure.

Executive Summary

This vulnerability exists in OpenHarness before commit bd4df81 and is a permission bypass issue. It occurs because the permission checker does not fully normalize file paths, allowing attackers to exploit this incomplete path normalization.

Attackers can use built-in tools like grep and glob to access sensitive root directories that should be restricted by path rules. Due to improper evaluation of these paths, attackers can read sensitive files such as local file content, key material, configuration files, or directory listings despite the intended restrictions.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information. Attackers can read confidential files, including key material and configuration files, which may compromise system security.

Because the vulnerability allows remote attackers to bypass permissions without any privileges or user interaction, it poses a high risk of data exposure.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-40515. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart