CVE-2026-41981
Received Received - Intake
IPC Module Out-of-Bounds Write Vulnerability

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Huawei Technologies

Description
Out-of-bounds write vulnerability in the IPC module.Β Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-09
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-41981
EUVD
EUVD-2026-35364
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
huawei harmonyos From 5.1.0 (inc) to 6.1.0 (inc)
huawei harmonyos 6.0.0
huawei harmonyos 5.1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-41981 is an out-of-bounds write vulnerability found in the IPC (Inter-Process Communication) module of certain HUAWEI smart watches running HarmonyOS versions 5.1.0, 6.0.0, and 6.1.0.

An out-of-bounds write occurs when a program writes data outside the boundaries of allocated memory, which can lead to unexpected behavior or crashes.

Impact Analysis

Successful exploitation of this vulnerability may affect the availability of the affected device, potentially causing it to crash or become unresponsive.

Mitigation Strategies

To mitigate this vulnerability, ensure that your HUAWEI devices, specifically smart watches running HarmonyOS versions 5.1.0, 6.0.0, or 6.1.0, are updated to the latest available software version where this issue is addressed.

Since the vulnerability affects the IPC module and impacts device availability, applying official patches or updates from HUAWEI is the recommended immediate step.

Compliance Impact

The vulnerability is an out-of-bounds write in the IPC module that may affect device availability. There is no information provided about impacts on data confidentiality, integrity, or privacy that would directly relate to compliance with standards such as GDPR or HIPAA.

Therefore, based on the available information, it is not possible to determine how this vulnerability affects compliance with common standards and regulations like GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-41981. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart