Permission Control Vulnerability in Huawei's Contact Management System
CVE-2026-41961

5.9MEDIUM

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 15 May 2026

What is CVE-2026-41961?

A permission control vulnerability exists in Huawei's Contact Management System, where improper validation may allow an attacker to exploit user permissions. Successful exploitation could lead to disruptions in the availability of the service, potentially impacting users' ability to manage contacts effectively. It's crucial for users to ensure their systems are updated and patches are applied to mitigate potential risks.

Affected Version(s)

HarmonyOS 6.1.0

HarmonyOS 6.0.0

HarmonyOS 5.1.0

References

https://consumer.huawei.com/en/support/bulletin/2026/5/

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2026
Vulnerability Reserved
Apr 23, 2026

CVE-2026-41961 Data

JSON