3994 matches found
EUVD-2026-35707
Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...
EUVD-2026-35706
Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use TOCTOU race condition vulnerability in the gitdiscard function within api/workspacegit.py that allows attackers to delete files outside the configured workspace boundary by replacing a validated path component with a symlin...
EUVD-2026-35704
Hermes WebUI before version 0.51.269 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the SSH/remote terminal profile workspace resolution logic within remoteterminalworkspacecandidate...
EUVD-2026-35705
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...
CVE-2026-49957
Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the SSH/remote terminal profile workspace resolution logic within remoteterminalworkspacecandidate...
CVE-2026-49958
Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use TOCTOU race condition vulnerability in the gitdiscard function within api/workspacegit.py that allows attackers to delete files outside the configured workspace boundary by replacing a validated path component with a symlin...
CVE-2026-49959
Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...
CVE-2026-22926
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...
CVE-2026-49959 Hermes WebUI < 0.51.311 RCE via Git Configuration Injection
Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...
CVE-2026-49959 Hermes WebUI < 0.51.311 RCE via Git Configuration Injection
Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...
CVE-2026-49959
Hermes WebUI prior to 0.51.311 is affected by a remote code execution vulnerability. Authenticated attackers can trigger arbitrary commands by placing a malicious executable Git configuration in a workspace repo’s .git/config. The issue arises from Git subprocess invocations in api/workspace_git....
CVE-2026-49958 Hermes WebUI < 0.51.303 TOCTOU Race Condition via git_discard
Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use TOCTOU race condition vulnerability in the gitdiscard function within api/workspacegit.py that allows attackers to delete files outside the configured workspace boundary by replacing a validated path component with a symlin...
CVE-2026-49958 Hermes WebUI < 0.51.303 TOCTOU Race Condition via git_discard
Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use TOCTOU race condition vulnerability in the gitdiscard function within api/workspacegit.py that allows attackers to delete files outside the configured workspace boundary by replacing a validated path component with a symlin...
CVE-2026-49958
Hermes WebUI is affected by a TOCTOU race in git_discard (api/workspace_git.py) prior to version 0.51.303. An attacker can replace a validated path component with a symlink between safe_resolve_ws() and the subsequent Path.unlink() or shutil.rmtree() call, causing the delete operation to follow t...
CVE-2026-22926
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...
CVE-2026-22926
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...
CVE-2026-22926
Technical details about CVE-2026-22926 are not publicly available in the provided documents. No affected versions, root cause, or remediation are specified. Monitor for updates from Omnissa and CVE listings.
CVE-2026-49957 Hermes WebUI < 0.51.296 Workspace Boundary Bypass via api/workspace.py
Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the SSH/remote terminal profile workspace resolution logic within remoteterminalworkspacecandidate...
CVE-2026-49957 Hermes WebUI < 0.51.296 Workspace Boundary Bypass via api/workspace.py
Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the SSH/remote terminal profile workspace resolution logic within remoteterminalworkspacecandidate...
CVE-2026-49957
CVE-2026-49957 : Hermes WebUI prior to 0.51.269 contains a workspace boundary bypass. An authenticated attacker can exploit an early return in the SSH/remote terminal profile workspace resolution logic (in _remote_terminal_workspace_candidate()) by configuring a remote terminal working directory ...