Skip to main content

Openharness CVE-2026-6729

| EUVDEUVD-2026-23983 MEDIUM
Improper Authentication (CWE-287)
2026-04-20 disclosure@vulncheck.com GHSA-pvmf-7x77-8q82
5.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Analysis Generated
Apr 20, 2026 - 23:00 vuln.today
EUVD ID Assigned
Apr 20, 2026 - 22:22 euvd
EUVD-2026-23983
Analysis Generated
Apr 20, 2026 - 22:22 vuln.today
CVE Published
Apr 20, 2026 - 22:16 nvd
MEDIUM 5.3

DescriptionCVE.org

HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse another user's conversation state and replace or interrupt their active tasks by colliding into the same session boundary through the shared chat or thread scope.

AnalysisAI

Session key derivation in HKUDS OpenHarness prior to PR #159 fails to verify sender identity in shared chat/thread scopes, allowing authenticated users to hijack other participants' sessions and disrupt their active tasks through collision attacks on the shared ohmo session key. The vulnerability requires prior authentication and network access but enables lateral privilege escalation within collaborative environments. No public exploit code has been identified, though the fix is available via upstream commit 3186851c.

Technical ContextAI

HKUDS OpenHarness uses a session key derivation mechanism (ohmo) that is scoped to shared chats or threads but lacks cryptographic binding to sender identity. This violates CWE-287 (Improper Authentication) by deriving session keys from shared context alone, allowing any authenticated participant to compute valid session keys for other users in the same chat/thread scope. The vulnerability exists in the session establishment protocol where the derived session key does not include a unique per-user component, enabling session fixation and state collision attacks. Attackers exploit this by reusing another user's conversation state through the shared boundary, effectively hijacking the session and replacing or interrupting the victim's active tasks.

RemediationAI

Update HKUDS OpenHarness to incorporate commit 3186851c479ee714a9bb9aa6cd77017db7e589e2 or any subsequent release that includes PR #159. Developers should modify the session key derivation to include sender identity (e.g., user ID, cryptographic identity) as a mandatory component, ensuring each participant derives unique session keys even within the same chat/thread scope. As an interim compensating control, restrict chat/thread membership to minimally necessary participants and monitor for anomalous session state changes (task interruptions, unexpected conversation context switches). However, compensating controls do not eliminate the vulnerability and should not replace patching. See https://github.com/HKUDS/OpenHarness/pull/159 and the VulnCheck advisory at https://www.vulncheck.com/advisories/hkuds-openharness-session-key-collision-privilege-escalation for implementation details.

CVE-2026-7551 HIGH
8.7 Apr 30

Remote code execution in HKUDS OpenHarness allows authenticated remote attackers to execute arbitrary operating system c

CVE-2026-40502 HIGH
8.7 Apr 16

Remote command injection in OpenHarness gateway handler allows authenticated remote chat users to execute administrative

CVE-2026-6819 HIGH
8.7 Apr 21

Remote attackers can install and activate arbitrary plugins in HKUDS OpenHarness through exposed plugin management comma

CVE-2026-40515 HIGH
8.7 Apr 17

Remote unauthenticated attackers can bypass path restrictions in OpenHarness (pre-commit bd4df81) to read arbitrary sens

CVE-2026-22682 HIGH
8.4 Apr 07

Improper access control in OpenHarness (prior to commit 166fcfe) allows local authenticated attackers with influence ove

CVE-2026-6823 HIGH
8.3 Apr 21

HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote cha

CVE-2026-40516 HIGH
7.8 Apr 17

Server-Side Request Forgery in OpenHarness AI agent framework (pre-commit bd4df81) permits remote unauthenticated attack

CVE-2026-56695 HIGH
7.1 Jun 23

Cross-session information disclosure in HKUDS OpenHarness ohmo gateway allows admitted remote senders to invoke /resume

CVE-2026-40503 HIGH
7.1 Apr 16

Path traversal in OpenHarness allows authenticated gateway users with chat access to read arbitrary files on the server

CVE-2026-56696 MEDIUM
5.3 Jun 23

Remote prompt injection in OpenHarness allows low-privileged messaging channel participants to persistently corrupt AI a

Share

CVE-2026-6729 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy