CVE-2026-41981
Deferred Deferred - Pending Action

IPC Module Out-of-Bounds Write Vulnerability

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Huawei Technologies

Description
Out-of-bounds write vulnerability in the IPC module.Β Impact: Successful exploitation of this vulnerability may affect availability.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-29
AI Q&A
2026-06-09
EPSS Evaluated
2026-06-28
NVD
CVE-2026-41981
EUVD
EUVD-2026-35364

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
huawei harmonyos From 5.1.0 (inc) to 6.1.0 (inc)
huawei harmonyos 6.0.0
huawei harmonyos 5.1.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-41981 is an out-of-bounds write vulnerability found in the IPC (Inter-Process Communication) module of certain HUAWEI smart watches running HarmonyOS versions 5.1.0, 6.0.0, and 6.1.0.

An out-of-bounds write occurs when a program writes data outside the boundaries of allocated memory, which can lead to unexpected behavior or crashes.

Impact Analysis

Successful exploitation of this vulnerability may affect the availability of the affected device, potentially causing it to crash or become unresponsive.

Mitigation Strategies

To mitigate this vulnerability, ensure that your HUAWEI devices, specifically smart watches running HarmonyOS versions 5.1.0, 6.0.0, or 6.1.0, are updated to the latest available software version where this issue is addressed.

Since the vulnerability affects the IPC module and impacts device availability, applying official patches or updates from HUAWEI is the recommended immediate step.

Compliance Impact

The vulnerability is an out-of-bounds write in the IPC module that may affect device availability. There is no information provided about impacts on data confidentiality, integrity, or privacy that would directly relate to compliance with standards such as GDPR or HIPAA.

Therefore, based on the available information, it is not possible to determine how this vulnerability affects compliance with common standards and regulations like GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-41981. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart