Monthly
Local information disclosure in Huawei HarmonyOS and EMUI stems from a flawed permission-control check in the file system, letting a local actor read data that should be access-restricted. Exploitation requires local access plus user interaction (CVSS UI:R), and Huawei's own scoring rates it high impact; no public exploit was identified at time of analysis and it is not listed in CISA KEV. Note the vendor CVSS also asserts integrity and availability impact, which the one-line description (confidentiality only) does not substantiate.
Price parameter manipulation in SourceCodester Simple Food Ordering System 1.0 allows unauthenticated remote attackers to submit orders at arbitrary prices by modifying the item_price argument in POST requests to /cart.php. The server trusts client-supplied price data without server-side validation, enabling business logic bypass (CWE-840) that could result in financial loss for system operators. A public proof-of-concept exploit is available on GitHub; however, this vulnerability is not currently listed in the CISA KEV catalog.
Permission control bypass in Huawei HarmonyOS and EMUI's call-handling subsystem allows a locally present, unprivileged attacker to circumvent intended access restrictions, resulting in low-level impacts to confidentiality, integrity, and availability. The vulnerability stems from improper business logic governing permission enforcement (CWE-840), meaning the system fails to correctly validate whether a calling entity holds the required permissions before servicing a request. No public exploit code exists and the vulnerability has not been listed in the CISA Known Exploited Vulnerabilities catalog, but the low attack complexity and absence of privilege requirements lower the bar for local abuse.
Race condition in songquanpeng one-api's redemption code feature allows authenticated users to redeem a single-use code multiple times by sending concurrent requests before the transaction completes. The root cause is confirmed by PR diff: the codebase uses deprecated GORM v1 syntax (`tx.Set("gorm:query_option", "FOR UPDATE")`) that does not reliably apply a database row lock in GORM v2, leaving the transaction window unprotected. All versions up to 0.6.11-preview.7 are affected; a fix exists as an unmerged pull request, and publicly available exploit code is referenced in GitHub issue #2397 - no public exploit has been identified at time of analysis.
Business logic flaws in PublicCMS 5.202506.d trade payment controller allow unauthenticated remote attackers to manipulate payment processing workflows, potentially enabling payment bypass or unauthorized transaction modifications. Publicly available exploit code exists demonstrating the attack. The vulnerability affects three payment-related functions (TradeOrderController.pay, TradePaymentController.pay, AccountGatewayComponent.pay) in the publiccms-trade module. Vendor was notified but did not respond, and no patch has been announced.
A permission control vulnerability in HarmonyOS's manufacturability design module allows local attackers without privileges to read, modify, and degrade system availability through improper access controls. The vulnerability affects HarmonyOS across multiple versions and has a CVSS score of 5.9 (medium severity), with confirmed impacts on confidentiality, integrity, and availability despite the description emphasizing availability impact alone.
HarmonyOS manufacturability design module contains a permission control vulnerability (CWE-840) that allows local attackers without privileges to read sensitive information and modify system state on affected devices. The vulnerability has a CVSS score of 5.9 with local attack vector and low complexity, affecting confidentiality, integrity, and availability. Patch status and active exploitation status are not confirmed from available vendor advisory data.
Permission control vulnerability in Huawei HarmonyOS smart sensing service allows remote attackers to bypass access controls and disclose sensitive information with moderate complexity. The vulnerability affects service confidentiality and integrity across HarmonyOS versions, with CVSS 5.6 (AV:N/AC:H/PR:N/UI:N) indicating network-accessible exploitation requiring non-trivial conditions. No active exploitation in CISA KEV or public exploit code identified at time of analysis.
A permission control vulnerability in HarmonyOS Contacts allows local attackers without special privileges to access sensitive contact information and affect availability of the contacts application. The vulnerability exists across HarmonyOS versions and can be exploited without user interaction, resulting in information disclosure and potential service disruption.
Information disclosure in Huawei HarmonyOS security control module allows local attackers with user interaction to read sensitive data. The vulnerability stems from improper permission control in the security module, enabling unauthorized access to confidential information without requiring elevated privileges. CVSS 5.5 indicates moderate severity with local attack vector; no KEV status or public exploit confirmed at time of analysis.
Local information disclosure in Huawei HarmonyOS and EMUI stems from a flawed permission-control check in the file system, letting a local actor read data that should be access-restricted. Exploitation requires local access plus user interaction (CVSS UI:R), and Huawei's own scoring rates it high impact; no public exploit was identified at time of analysis and it is not listed in CISA KEV. Note the vendor CVSS also asserts integrity and availability impact, which the one-line description (confidentiality only) does not substantiate.
Price parameter manipulation in SourceCodester Simple Food Ordering System 1.0 allows unauthenticated remote attackers to submit orders at arbitrary prices by modifying the item_price argument in POST requests to /cart.php. The server trusts client-supplied price data without server-side validation, enabling business logic bypass (CWE-840) that could result in financial loss for system operators. A public proof-of-concept exploit is available on GitHub; however, this vulnerability is not currently listed in the CISA KEV catalog.
Permission control bypass in Huawei HarmonyOS and EMUI's call-handling subsystem allows a locally present, unprivileged attacker to circumvent intended access restrictions, resulting in low-level impacts to confidentiality, integrity, and availability. The vulnerability stems from improper business logic governing permission enforcement (CWE-840), meaning the system fails to correctly validate whether a calling entity holds the required permissions before servicing a request. No public exploit code exists and the vulnerability has not been listed in the CISA Known Exploited Vulnerabilities catalog, but the low attack complexity and absence of privilege requirements lower the bar for local abuse.
Race condition in songquanpeng one-api's redemption code feature allows authenticated users to redeem a single-use code multiple times by sending concurrent requests before the transaction completes. The root cause is confirmed by PR diff: the codebase uses deprecated GORM v1 syntax (`tx.Set("gorm:query_option", "FOR UPDATE")`) that does not reliably apply a database row lock in GORM v2, leaving the transaction window unprotected. All versions up to 0.6.11-preview.7 are affected; a fix exists as an unmerged pull request, and publicly available exploit code is referenced in GitHub issue #2397 - no public exploit has been identified at time of analysis.
Business logic flaws in PublicCMS 5.202506.d trade payment controller allow unauthenticated remote attackers to manipulate payment processing workflows, potentially enabling payment bypass or unauthorized transaction modifications. Publicly available exploit code exists demonstrating the attack. The vulnerability affects three payment-related functions (TradeOrderController.pay, TradePaymentController.pay, AccountGatewayComponent.pay) in the publiccms-trade module. Vendor was notified but did not respond, and no patch has been announced.
A permission control vulnerability in HarmonyOS's manufacturability design module allows local attackers without privileges to read, modify, and degrade system availability through improper access controls. The vulnerability affects HarmonyOS across multiple versions and has a CVSS score of 5.9 (medium severity), with confirmed impacts on confidentiality, integrity, and availability despite the description emphasizing availability impact alone.
HarmonyOS manufacturability design module contains a permission control vulnerability (CWE-840) that allows local attackers without privileges to read sensitive information and modify system state on affected devices. The vulnerability has a CVSS score of 5.9 with local attack vector and low complexity, affecting confidentiality, integrity, and availability. Patch status and active exploitation status are not confirmed from available vendor advisory data.
Permission control vulnerability in Huawei HarmonyOS smart sensing service allows remote attackers to bypass access controls and disclose sensitive information with moderate complexity. The vulnerability affects service confidentiality and integrity across HarmonyOS versions, with CVSS 5.6 (AV:N/AC:H/PR:N/UI:N) indicating network-accessible exploitation requiring non-trivial conditions. No active exploitation in CISA KEV or public exploit code identified at time of analysis.
A permission control vulnerability in HarmonyOS Contacts allows local attackers without special privileges to access sensitive contact information and affect availability of the contacts application. The vulnerability exists across HarmonyOS versions and can be exploited without user interaction, resulting in information disclosure and potential service disruption.
Information disclosure in Huawei HarmonyOS security control module allows local attackers with user interaction to read sensitive data. The vulnerability stems from improper permission control in the security module, enabling unauthorized access to confidential information without requiring elevated privileges. CVSS 5.5 indicates moderate severity with local attack vector; no KEV status or public exploit confirmed at time of analysis.