High severity8.8NVD Advisory· Published May 19, 2026· Updated May 19, 2026
CVE-2026-27648
CVE-2026-27648
Description
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.
Affected products
1- Range: <=6.0
Patches
Vulnerability mechanics
References
1News mentions
1- OpenHarmony v6.0: Ten CVEs Disclosed in Single Advisory — Two Remote Code Execution Flaws in Pre-Installed AppsVypr Intelligence · May 19, 2026