Lucene search
K

213 matches found

EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42764

A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter.markdowntohtml of the file gateway/platforms/matrix.py of the component Matrix Adapter. Such manipulation leads to cross site scripting. The attack can be executed...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References8
NVD
NVD
added 3 days ago4 views

CVE-2026-15311

A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter.markdowntohtml of the file gateway/platforms/matrix.py of the component Matrix Adapter. Such manipulation leads to cross site scripting. The attack can be executed...

5.1CVSS0.00203EPSS
Exploits0References7
CVE
CVE
added 4 days ago10 views

CVE-2026-15311

The CVE-2026-15311 entry concerns NousResearch hermes-agent (Matrix Adapter). The vulnerability specifically affects MatrixAdapter._markdown_to_html in gateway/platforms/matrix.py, enabling cross-site scripting. It can be exploited remotely and publicly available exploit code exists. The related ...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References7
Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-15311 NousResearch hermes-agent Matrix Adapter matrix.py MatrixAdapter._markdown_to_html cross site scripting

A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter.markdowntohtml of the file gateway/platforms/matrix.py of the component Matrix Adapter. Such manipulation leads to cross site scripting. The attack can be executed...

5.1CVSS0.00203EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/06 12:30 a.m.8 views

EUVD-2026-41794

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skillview of the file tools/skillstool.py. Executing a manipulation of the argument Name can lead to path traversal. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS5.6AI score0.00333EPSS
Exploits0References9
NVD
NVD
added 2026/07/06 12:16 a.m.7 views

CVE-2026-14783

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skillview of the file tools/skillstool.py. Executing a manipulation of the argument Name can lead to path traversal. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS0.00333EPSS
Exploits0References8
CVE
CVE
added 2026/07/05 11:45 p.m.16 views

CVE-2026-14783

NousResearch hermes-agent 2026.5.29.2 is affected; the vulnerability is in skills_tool.py, function skill_view, where manipulating the Name argument enables path traversal via a remote attack. Public disclosure of the exploit exists. A patch identified as 56f833efa427ccb444c0f9ad1759af1012f2124d ...

5.3CVSS5.6AI score0.00333EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/05 11:45 p.m.11 views

CVE-2026-14783

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skillview of the file tools/skillstool.py. Executing a manipulation of the argument Name can lead to path traversal. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS5.6AI score0.00333EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/07/05 11:45 p.m.30 views

CVE-2026-14783 NousResearch hermes-agent skills_tool.py skill_view path traversal

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skillview of the file tools/skillstool.py. Executing a manipulation of the argument Name can lead to path traversal. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS0.00333EPSS
Exploits0References8
NVD
NVD
added 2026/07/04 1:16 p.m.15 views

CVE-2026-14627

A security vulnerability has been detected in NousResearch hermes-agent up to 0.15.2. This affects the function DiscordAdapter.isalloweduser of the file gateway/platforms/discord.py of the component Discord Platform Integration. Such manipulation leads to improper authentication. The attack can b...

6.3CVSS0.00369EPSS
Exploits0References5
NVD
NVD
added 2026/07/04 1:16 p.m.9 views

CVE-2026-14628

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS0.00551EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/07/04 1:0 p.m.39 views

CVE-2026-14628 NousResearch hermes-agent Live Webhook Endpoint base.py extract_media path traversal

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS0.00551EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/07/04 1:0 p.m.8 views

CVE-2026-14628

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS5.8AI score0.00551EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/07/04 1:0 p.m.9 views

EUVD-2026-41673

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS5.8AI score0.00551EPSS
Exploits1References5
CVE
CVE
added 2026/07/04 1:0 p.m.26 views

CVE-2026-14628

The CVE concerns NousResearch hermes-agent (up to 2026.5.16), specifically the Live Webhook Endpoint component’s gateway/platforms/base.py extract_media function. The vulnerability is a path traversal flaw that can be triggered remotely. Public exploit information exists, and CVSS metrics show a ...

6.9CVSS5.8AI score0.00551EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/07/04 12:45 p.m.39 views

CVE-2026-14627 NousResearch hermes-agent Discord Platform Integration discord.py DiscordAdapter._is_allowed_user improper authentication

A security vulnerability has been detected in NousResearch hermes-agent up to 0.15.2. This affects the function DiscordAdapter.isalloweduser of the file gateway/platforms/discord.py of the component Discord Platform Integration. Such manipulation leads to improper authentication. The attack can b...

6.3CVSS0.00369EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/04 12:45 p.m.10 views

EUVD-2026-41672

A security vulnerability has been detected in NousResearch hermes-agent up to 0.15.2. This affects the function DiscordAdapter.isalloweduser of the file gateway/platforms/discord.py of the component Discord Platform Integration. Such manipulation leads to improper authentication. The attack can b...

6.3CVSS5.5AI score0.00369EPSS
Exploits0References5
CVE
CVE
added 2026/07/04 12:45 p.m.20 views

CVE-2026-14627

The vulnerability CVE-2026-14627 affects NousResearch hermes-agent up to 0.15.2, specifically the Discord Platform Integration’s DiscordAdapter._is_allowed_user in gateway/platforms/discord.py. The root cause is improper authentication caused by manipulation of this function, enabling a remote at...

6.3CVSS5.5AI score0.00369EPSS
Exploits0References5
NVD
NVD
added 2026/07/04 12:16 p.m.8 views

CVE-2026-14626

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.runconversation of the file runagent.py of the component HTTP API. This manipulation of the argument todos causes denial of service. The attack can be initiated remotely. The...

5.3CVSS0.00277EPSS
Exploits0References5
NVD
NVD
added 2026/07/04 12:16 p.m.8 views

CVE-2026-14625

A security flaw has been discovered in NousResearch hermes-agent up to 0.15.2. The affected element is the function shell.exec of the file tuigateway/server.py. The manipulation results in protection mechanism failure. It is possible to launch the attack remotely. The exploit has been released to...

6.5CVSS0.00224EPSS
Exploits0References5
Rows per page
Query Builder