CVE-2026-40515

7.5 HIGH

Published: April 17, 2026 Modified: April 24, 2026

Description

OpenHarness before commit bd4df81 contains a permission bypass vulnerability that allows attackers to read sensitive files by exploiting incomplete path normalization in the permission checker. Attackers can invoke the built-in grep and glob tools with sensitive root directories that are not properly evaluated against configured path rules, allowing disclosure of sensitive local file content, key material, configuration files, or directory contents despite configured path restrictions.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://github.com/HKUDS/OpenHarness/commit/bd4df81f634f8c7cddcc3fdf7f561a13dcbf03ae

Source: disclosure@vulncheck.com

Patch

https://github.com/HKUDS/OpenHarness/pull/92

Source: disclosure@vulncheck.com

Exploit Issue Tracking

https://www.vulncheck.com/advisories/openharness-permission-bypass-via-grep-and-glob-root-argument

Source: disclosure@vulncheck.com

Third Party Advisory

3 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.5 / 10.0

EPSS (Exploit Probability)

0.0%

6th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-863

Affected Vendors

hkuds

Related CVEs

CVE-2026-6704 6.1

CVE-2026-6702 6.1

CVE-2026-6701 4.3

CVE-2026-6700 4.3

CVE-2026-6696 6.1