CVE-2026-34851

LOW

HarmonyOS - Denial of Service via Event Notification Module Race Condition

Title source: llm

Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability.

Core 2

Core References

CVSS v3 2.2

EPSS 0.0013

EPSS Percentile 2.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

CWE

CWE-362

Status published

Products (4)

huawei/harmonyos 5.1.0

huawei/harmonyos 6.0.0

Huawei/HarmonyOS 5.1.0

Huawei/HarmonyOS 6.0.0

Published Apr 13, 2026

Tracked Since Apr 13, 2026