发布于2026.01.06

备注：OpenHarmony 5.0阶段各分支中当前主要对OpenHarmony-5.0.3-Release分支进行安全漏洞维护。

以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。

CVE	严重程度	CVSS 3.1得分	受影响的仓库	受影响的OpenHarmony版本	修复链接
CVE-2025-40105	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-40102	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-40077	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-40064	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-40054	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-40049	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-40035	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-40021	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-40016	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-39946	无	尚未提供	kernel_linux_6.6	OpenHarmony-v6.0-Release	6.0.x
CVE-2025-39914	无	尚未提供	kernel_linux_6.6	OpenHarmony-v6.0-Release	6.0.x
CVE-2025-39806	无	尚未提供	kernel_linux_6.6	OpenHarmony-v6.0-Release	6.0.x
CVE-2025-39782	无	尚未提供	kernel_linux_5.10	OpenHarmony-v5.0.3-Release	5.0.3.x
CVE-2025-39749	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2025-39702	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2024-47674	中危	5.7	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release	6.0.x 5.1.0.x
CVE-2024-38594	中危	5.5	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release	6.0.x 5.1.0.x
CVE-2023-53673	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2023-53596	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2023-53594	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2023-53520	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2023-53491	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2023-53482	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x
CVE-2022-49054	无	尚未提供	kernel_linux_5.10	OpenHarmony-v6.0-Release OpenHarmony-v5.1.0-Release OpenHarmony-v5.0.3-Release	6.0.x 5.1.0.x 5.0.3.x

以下是各维护版本的安全补丁标签，请在合入当月及之前全部对应安全补丁之后，更新安全补丁标签。

对应维护版本	安全补丁修改方式参考链接
6.0.x	https://gitcode.com/openharmony/startup_init/pull/4306
5.1.0.x	https://gitcode.com/openharmony/startup_init/pull/4315
5.0.3.x	https://gitcode.com/openharmony/startup_init/pull/4305