CVE-2025-27247 – OpenHarmony Information Leak Vulnerability

June 8, 2025

CVE ID : CVE-2025-27247

Published : June 8, 2025, 12:15 p.m. | 9 hours, 38 minutes ago

Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-26691 – OpenHarmony Information Leak

Next Article CVE-2025-27242 – OpenHarmony Denial of Service Vulnerability

Highlights

CVE-2024-58134 – Mojolicious Default HMAC Session Secret Vulnerability

May 3, 2025

CVE ID : CVE-2024-58134

Published : May 3, 2025, 4:15 p.m. | 1 hour, 16 minutes ago

Description : Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application’s class name, as a HMAC session secret by default.

These predictable default secrets can be exploited to forge session cookies. An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user’s session.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

‘Job Hugging’ Trend Emerges as Workers Confront AI Uncertainty

Distribution Release: MocaccinoOS 25.09

Composition in CSS

DataCrunch raises €55M to boost EU AI sovereignty with green cloud infrastructure

Finally, safe array methods in JavaScript

Finally, safe array methods in JavaScript

Perficient Interviewed for Forrester Report on AI’s Transformative Role in DXPs

Perficient’s “What If? So What?” Podcast Wins Gold Stevie® Award for Technology Podcast

Distribution Release: MocaccinoOS 25.09

Distribution Release: MocaccinoOS 25.09

Speed Isn’t Everything When Buying SSDs – Here’s What Really Matters!

14 Themes for Beautifying Your Ghostty Terminal

CVE-2025-27247 – OpenHarmony Information Leak Vulnerability

Qantas Airways Slashes CEO Bonus After Cyberattack Exposes 5.7 Million Customers

UAE Cyber Security Council Flags 70% Smart Home Devices as Vulnerable

Microsoft tries to knife passwords once and for all – at least for consumers

Apache SeaTunnel Vulnerability Allows Unauthorized Users to Perform Deserialization Attack

Raising the Bar for AI Assistant in Adobe Experience Platform

Turn Siloed Metrics into Business-Driven Insights with Tx-Insights

CVE-2024-58134 – Mojolicious Default HMAC Session Secret Vulnerability

CVE-2025-3090 – Cisco Device Authentication Bypass Vulnerability

Assigning and completing issues with coding agent in GitHub Copilot

CVE-2025-25278 – OpenHarmony TCB Race Condition Arbitrary Code Execution Vulnerability

CVE-2025-27247 – OpenHarmony Information Leak Vulnerability

Related Posts