CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

92 matches found

RedhatCVE•added 2026/06/09 2:58 a.m.•9 views

CVE-2026-11461

A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolvesessionbytitle of the file hermesstate.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotel...

6.5CVSS6.1AI score0.00225EPSS

Exploits0References1

EUVD•added 2026/06/08 12:30 a.m.•9 views

EUVD-2026-34992

6.5CVSS5.1AI score0.00225EPSS

Exploits0References7

NVD•added 2026/06/07 10:16 p.m.•10 views

CVE-2026-11461

6.5CVSS0.00225EPSS

Exploits0References6

Vulnrichment•added 2026/06/07 9:45 p.m.•5 views

CVE-2026-11461 NousResearch hermes-agent resume Endpoint hermes_state.py resolve_session_by_title authorization

6.5CVSS6.1AI score0.00225EPSS

Exploits0References6

CVE•added 2026/06/07 9:45 p.m.•90 views

CVE-2026-11461

CVE-2026-11461 affects NousResearch Hermes-Agent up to version 0.12.0. The vulnerability is in the resume endpoint’s file hermes_state.py, in the function resolve_session_by_title, where manipulating the Title argument can bypass authorization. It allows remote exploitation, with the exploit publ...

6.5CVSS6.1AI score0.00225EPSS

Exploits0References6

RedhatCVE•added 2026/06/05 7:50 p.m.•5 views

CVE-2026-7113

A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The manipulation of the argument INSECURENOAUTH results in missing authentication. The attack can be...

6.3CVSS5.3AI score0.00362EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:48 p.m.•6 views

CVE-2026-10222

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function sanitizeenvlines of the file hermescli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires a high level of...

6.3CVSS5.5AI score0.00266EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:48 p.m.•6 views

CVE-2026-10223

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the function scanmemorycontent of the file tools/memorytool.py. This manipulation causes injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used f...

6.5CVSS6.2AI score0.00228EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:39 p.m.•7 views

CVE-2026-7396

A vulnerability was identified in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/wecom.py of the component WeChat Work Platform Adapter. The manipulation leads to path traversal. It is possible to initiate the attack remotely. T...

6.9CVSS5.6AI score0.00479EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:34 p.m.•6 views

CVE-2026-10224

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function handlewebhookrequest of the file gateway/platforms/feishu.py of the component Webhook Endpoint. Such manipulation leads to resource consumption. The attack can be...

6.9CVSS5.4AI score0.00372EPSS

Exploits0References1

RedhatCVE•added 2026/06/03 10:1 p.m.•7 views

CVE-2026-10221

A vulnerability was identified in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function compresscontext of the file runagent.py. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be use...

7.5CVSS6.8AI score0.00304EPSS

Exploits0References1

RedhatCVE•added 2026/06/02 4:1 p.m.•7 views

CVE-2026-10220

A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function servepluginskill/skillview of the file tools/skillstool.py. Executing a manipulation can lead to injection. The attack may be performed from remote. The exploit has been publicly disclosed and ma...

7.5CVSS5.5AI score0.00304EPSS

Exploits0References1

NVD•added 2026/06/02 2:16 a.m.•10 views

CVE-2026-10548

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function syncanthropicentryfromcredentialsfile of the file agent/credentialpool.py of the component Credential Pool Synchronization. The manipulation results in improper authentication. The attack...

5.3CVSS0.0014EPSS

Exploits0References5

ATTACKERKB•added 2026/06/02 12:30 a.m.•7 views

CVE-2026-10548

5.3CVSS5.6AI score0.0014EPSS

Exploits0References5Affected Software1

CVE•added 2026/06/02 12:30 a.m.•27 views

CVE-2026-10548

CVE-2026-10548 affects NousResearch hermes-agent (up to 2026.4.23) in the Credential Pool Synchronization area. The flaw resides in the function _sync_anthropic_entry_from_credentials_file within agent/credential_pool.py and leads to improper authentication. Attack requires local access; exploita...

5.3CVSS5.6AI score0.0014EPSS

Exploits0References5

RedhatCVE•added 2026/06/01 10:3 p.m.•7 views

CVE-2026-9352

A weakness has been identified in NousResearch hermes-agent up to 2026.4.23. This issue affects the function makerunenv of the file tools/environments/local.py of the component Messaging Gateway Handler. Executing a manipulation can lead to information disclosure. The attack may be launched...

6.9CVSS5.5AI score0.00368EPSS

Exploits0References1

NVD•added 2026/06/01 6:16 a.m.•10 views

CVE-2026-10224

6.9CVSS0.00372EPSS

Exploits0References5

Vulnrichment•added 2026/06/01 4:30 a.m.•8 views

CVE-2026-10224 NousResearch hermes-agent Webhook Endpoint feishu.py _handle_webhook_request resource consumption

6.9CVSS5.6AI score0.00372EPSS

Exploits0References5

NVD•added 2026/06/01 4:16 a.m.•9 views

CVE-2026-10220