CVE-2026-25110
Local Denial of Service in OpenHarmony v6.0
Publication date: 2026-05-19
Last updated on: 2026-05-19
Assigner: OpenHarmony
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openharmony | open_harmony | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in OpenHarmony v6.0 and prior versions allows a local attacker to cause a denial of service (DOS) but does not impact confidentiality or integrity of data.
Since the vulnerability does not affect data confidentiality or integrity, it is unlikely to directly impact compliance with standards such as GDPR or HIPAA, which primarily focus on protecting personal data privacy and security.
However, availability is a component of some security frameworks, so organizations should consider the potential impact of DOS on system availability in their risk assessments.
Can you explain this vulnerability to me?
This vulnerability exists in OpenHarmony version 6.0 and earlier, where a local attacker can cause a denial of service (DOS) condition.
How can this vulnerability impact me? :
The impact of this vulnerability is that a local attacker with low privileges can cause a denial of service, potentially disrupting the availability of the affected system.