Medium severity6.9NVD Advisory· Published Apr 13, 2026· Updated Apr 14, 2026

CVE-2026-28553

Description

Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Affected products

Huawei/Emui3 versions
cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:emui:14.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:emui:15.0.0:*:*:*:*:*:*:*
Huawei/Harmonyos4 versions
cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:harmonyos:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:harmonyos:4.3.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

consumer.huawei.com/en/support/bulletin/2026/4/nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.449
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000