447695 matches found
EUVD-2026-37777
Hermes WebUI before 0.51.409 contains an authentication bypass vulnerability in passkey registration endpoints that allows unauthenticated remote attackers to register arbitrary passkeys. When HERMESWEBUIPASSKEY=1 is enabled with no existing credentials, POST /api/auth/passkey/register/options an...
CVE-2026-55196
Hermes WebUI prior to version 0.51.409 contains an authentication bypass in passkey registration. When HERMES_WEBUI_PASSKEY=1 is enabled with no existing credentials, POST /api/auth/passkey/register/options and POST /api/auth/passkey/register are accessible without authentication, allowing an att...
CVE-2026-53871
Hermes WebUI prior to version 0.51.368 contains an authorization bypass in get_profile_cookie() that accepts unauthenticated profile names via the hermes_profile cookie. An authenticated attacker can forge the hermes_profile cookie to bypass profile-scoped authorization and access sessions, files...
CVE-2026-53871 Hermes WebUI < 0.51.368 - Profile-Scoped Authorization Bypass via Forged hermes_profile Cookie
Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the getprofilecookie function that accepts unauthenticated profile names from the hermesprofile cookie. An authenticated attacker can forge the hermesprofile cookie value to bypass profile-scoped authorization checks a...
EUVD-2026-37776
Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the getprofilecookie function that accepts unauthenticated profile names from the hermesprofile cookie. An authenticated attacker can forge the hermesprofile cookie value to bypass profile-scoped authorization checks a...
CVE-2026-53871 Hermes WebUI < 0.51.368 - Profile-Scoped Authorization Bypass via Forged hermes_profile Cookie
Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the getprofilecookie function that accepts unauthenticated profile names from the hermesprofile cookie. An authenticated attacker can forge the hermesprofile cookie value to bypass profile-scoped authorization checks a...
CVE-2026-53870 Hermes Agent < 0.16.0 - Sensitive File Permission Vulnerability in Store Files
Hermes Agent before 0.16.0 creates responsestore.db and webhooksubscriptions.json with world-readable permissions mode 0o644, exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obtain sensitive data including...
CVE-2026-53870 Hermes Agent < 0.16.0 - Sensitive File Permission Vulnerability in Store Files
Hermes Agent before 0.16.0 creates responsestore.db and webhooksubscriptions.json with world-readable permissions mode 0o644, exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obtain sensitive data including...
EUVD-2026-37775
Hermes Agent before 0.16.0 creates responsestore.db and webhooksubscriptions.json with world-readable permissions mode 0o644, exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obtain sensitive data including...
CVE-2026-53870
Hermes Agent before 0.16.0 creates response_store.db and webhook_subscriptions.json with world-readable permissions (0644), exposing conversation history, tool payloads, prompts, and per-route HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obt...
GHSA-P5CP-R7RG-QPXC Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode
RAG ACL Bypass in Milvus Multitenancy Mode Summary This is a bypass of the fix for: - GHSA-h36f-rqpx-j5wx - CVE-2026-44560 - "Unauthorized File and Knowledge Base Content Access via RAG Vector Search" Open WebUI added collection-level ACL checks, but the patch can still be bypassed when Milvus...
Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode
RAG ACL Bypass in Milvus Multitenancy Mode Summary This is a bypass of the fix for: - GHSA-h36f-rqpx-j5wx - CVE-2026-44560 - "Unauthorized File and Knowledge Base Content Access via RAG Vector Search" Open WebUI added collection-level ACL checks, but the patch can still be bypassed when Milvus...
CVE-2026-53869 Hermes Agent < 0.16.0 - DNS Rebinding Bypass via WebSocket Endpoints
Hermes Agent before 0.16.0 contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Origin validation. FastAPI HTTP middleware does not execute for WebSocket upgrade requests on /api/pty, /api/ws, /api/pub, and /api/events endpoints, enabling...
CVE-2026-53869 Hermes Agent < 0.16.0 - DNS Rebinding Bypass via WebSocket Endpoints
Hermes Agent before 0.16.0 contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Origin validation. FastAPI HTTP middleware does not execute for WebSocket upgrade requests on /api/pty, /api/ws, /api/pub, and /api/events endpoints, enabling...
EUVD-2026-37774
Hermes Agent before 0.16.0 contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Origin validation. FastAPI HTTP middleware does not execute for WebSocket upgrade requests on /api/pty, /api/ws, /api/pub, and /api/events endpoints, enabling...
CVE-2026-53869
CVE-2026-53869 : Hermes Agent prior to 0.16.0 has a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Origin validation. The FastAPI HTTP middleware is not executed for WebSocket upgrade requests on /api/pty, /api/ws, /api/pub, and /api/events, ena...
CVE-2026-48818 Starlette: SSRF and NTLM credential theft via UNC paths in StaticFiles on Windows
Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSRF. An UNC path such as \attacker.com\share can cause os.path.realpath to initiate an outbound SMB connection before the path is rejected, exposing the service account’s...
EUVD-2026-37773
Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSRF. An UNC path such as \attacker.com\share can cause os.path.realpath to initiate an outbound SMB connection before the path is rejected, exposing the service account’s...
CVE-2026-48818 Starlette: SSRF and NTLM credential theft via UNC paths in StaticFiles on Windows
Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSRF. An UNC path such as \attacker.com\share can cause os.path.realpath to initiate an outbound SMB connection before the path is rejected, exposing the service account’s...
CVE-2026-48818
CVE-2026-48818 concerns Starlette’s StaticFiles on Windows. In versions up to 1.0.1, when handling UNC paths (for example, \attacker.com\share), os.path.realpath can initiate an outbound SMB connection before the path is rejected, triggering SSRF and exposing the service account’s NTLMv2 credenti...