Description
OpenHarness ohmo gateway /resume and /summary slash commands default remote_invocable to True, allowing admitted remote senders to enumerate and load arbitrary session snapshots by ID. Attackers can exploit this to access victim snapshots containing private prompts, credentials, tool output, and file paths via shared gateway channels.
Published: 2026-06-23
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenHarness exposes its /resume and /summary HTTP gateway commands with a default setting that allows any remote sender to invoke them. By sending crafted requests, an attacker can enumerate existing session snapshots and load them by numeric ID. The snapshots may contain private prompts, credentials, tool output, and file paths. This results in disclosure of sensitive information and is identified as a CWE‑862 Access Control weakness.

Affected Systems

The vulnerability applies to the HKUDS:OpenHarness product, specifically the ohmo gateway component that processes the /resume and /summary commands. No specific version information is provided in the advisory, so all releases that have not applied the commit 92e298852c9b9c8c2266236292073623418c640a remain affected.

Risk and Exploitability

The CVSS score of 7.1 indicates a moderate severity. The EPSS score is not available, and the vulnerability is not listed in CISA’s KEV catalog. The attack is likely to be performed remotely by any host that can reach the gateway channel; no additional authentication or local access is required. Because the flaw allows arbitrary session content to be retrieved, the impact can be significant in environments where session data contains privileged information.

Generated by OpenCVE AI on June 24, 2026 at 11:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch from commit 92e298852c9b9c8c2266236292073623418c640a or upgrade to a version that disables remote_invocable for /resume and /summary commands.
  • Reconfigure the gateway to set remote_invocable to False for these commands or otherwise restrict remote invocation.
  • Limit access to the ohmo gateway to trusted hosts by configuring firewall rules or network segmentation.

Generated by OpenCVE AI on June 24, 2026 at 11:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 23 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Hkuds
Hkuds openharness
Vendors & Products Hkuds
Hkuds openharness

Tue, 23 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Description OpenHarness ohmo gateway /resume and /summary slash commands default remote_invocable to True, allowing admitted remote senders to enumerate and load arbitrary session snapshots by ID. Attackers can exploit this to access victim snapshots containing private prompts, credentials, tool output, and file paths via shared gateway channels.
Title OpenHarness - Cross-Session Disclosure via /resume and /summary Commands
Weaknesses CWE-862
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Hkuds Openharness
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-24T13:54:18.287Z

Reserved: 2026-06-22T17:09:16.555Z

Link: CVE-2026-56695

cve-icon Vulnrichment

Updated: 2026-06-24T13:53:32.984Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T11:30:03Z

Weaknesses