Aggregates CVE and security vulnerability intelligence across all OpenAtom Foundation-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk memory corruption, vendor risk buffer overflow, and vendor risk input validation and related problems; some flaws may lead to vendor impact application crash.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-20102 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | [email protected] | 3.3 | 0.07% | 2025-04-06 | 2026-06-17 |
| CVE-2025-24309 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-24301 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-23420 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-23418 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | [email protected] | 3.3 | 0.06% | 2025-03-03 | 2026-06-17 |
| CVE-2025-23414 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-23409 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-23240 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-23234 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. | [email protected] | 3.3 | 0.07% | 2025-03-03 | 2026-06-17 |
| CVE-2025-22897 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. | [email protected] | 3.3 | 0.07% | 2025-03-03 | 2026-06-17 |
| CVE-2025-22847 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | [email protected] | 3.3 | 0.06% | 2025-03-03 | 2026-06-17 |
| CVE-2025-22841 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | [email protected] | 3.3 | 0.07% | 2025-03-03 | 2026-06-17 |
| CVE-2025-22837 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. | [email protected] | 3.3 | 0.07% | 2025-03-03 | 2026-06-17 |
| CVE-2025-22835 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-22443 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | [email protected] | 3.3 | 0.06% | 2025-03-03 | 2026-06-17 |
| CVE-2025-21098 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check. | [email protected] | 5.5 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-21097 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. | [email protected] | 3.3 | 0.07% | 2025-03-03 | 2026-06-17 |
| CVE-2025-21089 | in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | [email protected] | 3.3 | 0.07% | 2025-03-03 | 2026-06-17 |
| CVE-2025-21084 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |
| CVE-2025-20626 | in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. | [email protected] | 3.8 | 0.16% | 2025-03-03 | 2026-06-17 |