Cyber Resilience

CVE-2026-6819

HighPublic PoC

Published: 21 April 2026

Published
21 April 2026
Modified
07 May 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0029 20.8th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-6819 is a high-severity Incorrect Default Permissions (CWE-276) vulnerability in Hkuds Openharness. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 20.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2026-6819 is a vulnerability in HKUDS OpenHarness prior to the remediation in Pull Request #156, where plugin lifecycle commands such as /plugin install, /plugin enable, /plugin disable, and /reload-plugins are exposed to remote senders by default. This incorrect default permissions issue, classified under CWE-276, carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts.

Remote attackers can exploit this vulnerability by gaining access through the channel layer, which requires user interaction. Once access is obtained, they can remotely manage plugin trust and activation states, enabling unauthorized installation and activation of plugins on the affected system.

Advisories and patches recommend applying the fix from Pull Request #156, available in the commit at https://github.com/HKUDS/OpenHarness/commit/59017e09880fcf9a6f60456a84fb982900b2c0b2 and included in release v0.1.7 at https://github.com/HKUDS/OpenHarness/releases/tag/v0.1.7. Additional details are provided in the VulnCheck advisory at https://www.vulncheck.com/advisories/hkuds-openharness-plugin-management-command-exposure.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and activation…

more

state, enabling unauthorized plugin installation and activation on the system.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1105 Ingress Tool Transfer Command And Control
Adversaries may transfer tools or other files from an external system into a compromised environment.
Why these techniques?

The vulnerability exposes plugin lifecycle commands to remote attackers via the channel layer, directly enabling exploitation of a public-facing application (T1190) to achieve unauthorized plugin installation and activation, which facilitates ingress of malicious tools/plugins (T1105).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-6823Same product: Hkuds Openharness
CVE-2026-7551Same product: Hkuds Openharness
CVE-2026-40515Same product: Hkuds Openharness
CVE-2026-40516Same product: Hkuds Openharness
CVE-2026-40502Same product: Hkuds Openharness
CVE-2026-6729Same product: Hkuds Openharness
CVE-2026-32847Same vendor: Hkuds
CVE-2025-35062Shared CWE-276
CVE-2024-43166Shared CWE-276
CVE-2024-55225Shared CWE-276

Affected Assets

hkuds
openharness
≤ 0.1.7

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Principle of least privilege ensures plugin lifecycle commands are only accessible to authorized users or processes, directly preventing unauthorized remote management and activation of plugins.

prevent

Access enforcement mechanisms restrict execution of exposed plugin commands like install, enable, and disable to approved entities, blocking exploitation by remote senders.

prevent

Least functionality prohibits unnecessary exposure of plugin management commands to remote senders by default, eliminating the incorrect permission configuration.

References