Lucene search
K

31 matches found

EUVD
EUVD
added 5 hours ago6 views

EUVD-2026-42722

Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary shell commands by accessing the embedded terminal API endpoints without credentials. Attackers can create a session, attach a PTY shell, and write arbitra...

9.8CVSS6.8AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-58123

Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary shell commands by accessing the embedded terminal API endpoints without credentials. Attackers can create a session, attach a PTY shell, and write arbitra...

9.8CVSS6.8AI score
Exploits0References5
NVD
NVD
added 2026/06/30 5:16 p.m.10 views

CVE-2026-58174

Hermes WebUI before 0.51.521 validates the workspace of an imported session under the active named profile but constructs the Session object without setting its profile in the /api/session/import handler, so the imported session is persisted with a null profile. Because a null profile is treated ...

6.5CVSS0.00265EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/30 3:55 p.m.4 views

EUVD-2026-40355

Hermes WebUI before 0.51.521 validates the workspace of an imported session under the active named profile but constructs the Session object without setting its profile in the /api/session/import handler, so the imported session is persisted with a null profile. Because a null profile is treated ...

6.5CVSS5.8AI score0.00265EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-53925

Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.521 Description An authorization bypass occurs during the session import process. The /api/session/import endpoint validates the workspace of an imported session under the active named profile but fails to s...

6.5CVSS5.9AI score0.00265EPSS
Exploits0References10
NVD
NVD
added 2026/06/17 7:18 p.m.13 views

CVE-2026-53871

Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the getprofilecookie function that accepts unauthenticated profile names from the hermesprofile cookie. An authenticated attacker can forge the hermesprofile cookie value to bypass profile-scoped authorization checks a...

8.6CVSS0.00365EPSS
Exploits0References5
CVE
CVE
added 2026/06/17 5:59 p.m.33 views

CVE-2026-55197

Hermes WebUI before 0.51.443 has a broken access control weakness in the /api/session endpoint. Authenticated users can bypass profile boundaries and query session IDs from other profiles via GET /api/session?session_id=&messages=1 to retrieve unauthorized transcripts and metadata. This affects t...

7.1CVSS5.3AI score0.00272EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/17 5:58 p.m.22 views

CVE-2026-53871 Hermes WebUI < 0.51.368 - Profile-Scoped Authorization Bypass via Forged hermes_profile Cookie

Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the getprofilecookie function that accepts unauthenticated profile names from the hermesprofile cookie. An authenticated attacker can forge the hermesprofile cookie value to bypass profile-scoped authorization checks a...

8.6CVSS0.00365EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.32 views

PT-2026-50521

Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.409 Description An authentication bypass exists in passkey registration endpoints. When HERMES WEBUI PASSKEY=1 is enabled and no credentials exist, unauthenticated remote attackers can register arbitrary...

9.1CVSS6.1AI score0.00579EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Hermes Web UI 访问控制错误漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.358 contained an access control vulnerability. This vulnerability stemmed from improper access control measures, allowing unauthorized remote attackers to initial...

9.4CVSS5.9AI score0.00543EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:31 p.m.12 views

EUVD-2026-35494

Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options endpoint without completing assertion. Attackers can send unlimited POST requests to the...

6.9CVSS5.5AI score0.00586EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/09 6:31 p.m.16 views

EUVD-2026-35497

Hermes WebUI before version 0.51.269 contains a profile isolation bypass vulnerability that allows authenticated users to access data belonging to other profiles by querying the session search endpoint without active-profile filtering. Attackers can send requests to the sessions search handler to...

7.1CVSS5.5AI score0.00272EPSS
Exploits0References6
NVD
NVD
added 2026/06/09 5:17 p.m.13 views

CVE-2026-49957

Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the SSH/remote terminal profile workspace resolution logic within remoteterminalworkspacecandidate...

7.7CVSS0.00421EPSS
Exploits0References5
CVE
CVE
added 2026/06/09 4:46 p.m.16 views

CVE-2026-49959

Hermes WebUI prior to 0.51.311 is affected by a remote code execution vulnerability. Authenticated attackers can trigger arbitrary commands by placing a malicious executable Git configuration in a workspace repo’s .git/config. The issue arises from Git subprocess invocations in api/workspace_git....

8.8CVSS6.7AI score0.00945EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/09 4:25 p.m.21 views

CVE-2026-49957 Hermes WebUI < 0.51.296 Workspace Boundary Bypass via api/workspace.py

Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the SSH/remote terminal profile workspace resolution logic within remoteterminalworkspacecandidate...

7.7CVSS5.5AI score0.00421EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.22 views

PT-2026-48119

Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.296 Description An authenticated attacker can bypass workspace boundary checks by exploiting an early return in the SSH/remote terminal profile workspace resolution logic within the remote terminal workspace...

7.7CVSS5.3AI score0.00421EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Hermes Web UI 安全漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.269 contained security vulnerabilities. These vulnerabilities were caused by a configuration file isolation bypass issue, which could allow authenticated users to acces...

7.1CVSS5.3AI score0.00272EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.9 views

Hermes Web UI 安全漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.270 contained security vulnerabilities. These vulnerabilities were due to a resource exhaustion issue, which could allow unauthenticated remote attackers to reduce the...

6.9CVSS5.4AI score0.00586EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Hermes Web UI 路径遍历漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.269 contained a path traversal vulnerability. This vulnerability stemmed from an issue with bypassing workspace boundaries, which could allow authentication attackers t...

7.7CVSS5.4AI score0.00421EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Hermes Web UI 安全漏洞

Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.303 contained security vulnerabilities, which were caused by a TOCTOU race condition in the gitdiscard function. This vulnerability could allow attackers to delete file...

5CVSS5.3AI score0.00081EPSS
Exploits0References1
Rows per page
Query Builder