Every CVE whose affected-product data names Hkuds Openharness, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2026-40502 — CVSS 8.8 (high): OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke…
CVE-2026-7551 — CVSS 8.8 (high): HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by…
CVE-2026-40516 — CVSS 8.3 (high): OpenHarness before commit bd4df81 contains a server-side request forgery vulnerability in the web_fetch and web_search tools that allows…
CVE-2026-6823 — CVSS 8.2 (high): HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit…
CVE-2026-40515 — CVSS 7.5 (high): OpenHarness before commit bd4df81 contains a permission bypass vulnerability that allows attackers to read sensitive files by exploiting…
CVE-2026-40503 — CVSS 6.5 (medium): OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read…
CVE-2026-6729 — CVSS 6.3 (medium): HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in…