CVE-2026-40515
Received Received - Intake
Permission Bypass in OpenHarness Allows Sensitive File Disclosure

Publication date: 2026-04-17

Last updated on: 2026-04-24

Assigner: VulnCheck

Description
OpenHarness before commit bd4df81 contains a permission bypass vulnerability that allows attackers to read sensitive files by exploiting incomplete path normalization in the permission checker. Attackers can invoke the built-in grep and glob tools with sensitive root directories that are not properly evaluated against configured path rules, allowing disclosure of sensitive local file content, key material, configuration files, or directory contents despite configured path restrictions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-17
Last Modified
2026-04-24
Generated
2026-06-16
AI Q&A
2026-04-18
EPSS Evaluated
2026-06-15
NVD
CVE-2026-40515
EUVD
EUVD-2026-23450
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hkuds openharness to 2026-04-11 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

This vulnerability allows attackers to bypass permission checks and read sensitive files, including key material and configuration files, despite configured path restrictions.

Such unauthorized disclosure of sensitive local file content could lead to violations of data protection regulations and standards like GDPR and HIPAA, which require strict controls over access to sensitive data.

Therefore, exploitation of this vulnerability may result in non-compliance with these regulations due to unauthorized data exposure.

Executive Summary

This vulnerability exists in OpenHarness before commit bd4df81 and is a permission bypass issue. It occurs because the permission checker does not fully normalize file paths, allowing attackers to exploit this incomplete path normalization.

Attackers can use built-in tools like grep and glob to access sensitive root directories that should be restricted by path rules. Due to improper evaluation of these paths, attackers can read sensitive files such as local file content, key material, configuration files, or directory listings despite the intended restrictions.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information. Attackers can read confidential files, including key material and configuration files, which may compromise system security.

Because the vulnerability allows remote attackers to bypass permissions without any privileges or user interaction, it poses a high risk of data exposure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-40515. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart