Use-After-Free Vulnerability in Huawei Package Management Module
CVE-2026-41985

5.1MEDIUM

Key Information:

Vendor

Huawei

Status
Vendor
CVE Published:
9 June 2026

What is CVE-2026-41985?

A use-after-free (UAF) vulnerability exists within Huawei's package management module. This flaw can lead to unauthorized access and exploitation, potentially impacting the integrity of services provided by affected Huawei consumer devices, wearables, and laptops. Proper mitigation strategies are essential to safeguard systems from possible exploitation.

Affected Version(s)

HarmonyOS 6.1.0

References

CVSS V3.1

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.