EUVD-2026-31560

🗓️ 24 May 2026 02:45:10Reported by EUVDType

Vulnerability in NousResearch hermes-agent up to 2026.4.16 enables remote authorization bypass.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2026-9350	24 May 202602:45	–	attackerkb
CNNVD	Hermes Agent 安全漏洞	24 May 202600:00	–	cnnvd
CVE	CVE-2026-9350	24 May 202602:45	–	cve
Cvelist	CVE-2026-9350 NousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorization	24 May 202602:45	–	cvelist
NVD	CVE-2026-9350	24 May 202604:17	–	nvd
Positive Technologies	PT-2026-42906	24 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-9350	26 May 202620:14	–	redhatcve
Vulnrichment	CVE-2026-9350 NousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorization	24 May 202602:45	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "b07605ce-2e9e-32c9-b454-5e02cf56994b",
        "vendor": {
          "name": "NousResearch"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "020c2bc3-7671-313e-81a5-fd4b33cc4140",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.8"
      },
      {
        "id": "1447e20f-b33b-3268-8d33-c8e009add474",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.9"
      },
      {
        "id": "15181812-6612-3e9e-ab31-54abab509fcd",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.16"
      },
      {
        "id": "288784e7-690a-3594-be1f-cf22b06248ae",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.10"
      },
      {
        "id": "2afe66b0-4c32-39a3-a0ac-e335c2abbcce",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.2"
      },
      {
        "id": "2cc3f85c-6b11-314e-a304-abde57ccf255",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.6"
      },
      {
        "id": "3fa83496-bdc4-345f-b53b-f5cbb8d4729c",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.4"
      },
      {
        "id": "427284a0-0b41-3c84-97df-7507afeecea2",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.12"
      },
      {
        "id": "4595f12f-2044-3daf-950b-63c3da20dda2",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.5"
      },
      {
        "id": "48c454f8-6342-3c8f-95de-286895c2180f",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.3"
      },
      {
        "id": "4be96765-b591-3b9f-8241-49d6efdf71bd",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.0"
      },
      {
        "id": "78266747-1517-3f8c-877c-ff12c50e385c",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.14"
      },
      {
        "id": "8338786e-946e-3e5b-8fb9-aad07d875fc2",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.11"
      },
      {
        "id": "be32fe3a-f8cf-32f7-af40-91c974235feb",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.13"
      },
      {
        "id": "c446a826-ac6d-3bda-b406-d79a5d186365",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.7"
      },
      {
        "id": "c730d225-730b-3dcd-950c-69a368410882",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.15"
      },
      {
        "id": "d6908029-17c6-38bb-8019-e24f6f889881",
        "product": {
          "name": "hermes-agent"
        },
        "product_version": "2026.4.1"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/365313
vuldb	www.vuldb.com/vuln/365313/cti
vuldb	www.vuldb.com/submit/812213
gist	www.gist.github.com/YLChen-007/22cada4c9060f5123dde6185135ae3ab

24 May 2026 02:45Current

6.8Medium risk

Vulners AI Score6.8

CVSS 46.9

CVSS 3.17.3

CVSS 27.5

CVSS 37.3

EPSS0.0005