Lucene search
K

77 matches found

EUVD
EUVD
added 10 hours ago6 views

EUVD-2026-41794

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skillview of the file tools/skillstool.py. Executing a manipulation of the argument Name can lead to path traversal. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS5.6AI score
Exploits0References9
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41673

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS5.8AI score0.00551EPSS
Exploits1References5
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41672

A security vulnerability has been detected in NousResearch hermes-agent up to 0.15.2. This affects the function DiscordAdapter.isalloweduser of the file gateway/platforms/discord.py of the component Discord Platform Integration. Such manipulation leads to improper authentication. The attack can b...

6.3CVSS5.5AI score0.00369EPSS
Exploits0References5
CVE
CVE
added 2 days ago10 views

CVE-2026-14627

The vulnerability CVE-2026-14627 affects NousResearch hermes-agent up to 0.15.2, specifically the Discord Platform Integration’s DiscordAdapter._is_allowed_user in gateway/platforms/discord.py. The root cause is improper authentication caused by manipulation of this function, enabling a remote at...

6.3CVSS5.5AI score0.00369EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41670

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.runconversation of the file runagent.py of the component HTTP API. This manipulation of the argument todos causes denial of service. The attack can be initiated remotely. The...

5.3CVSS5.6AI score0.00277EPSS
Exploits0References5
CVE
CVE
added 2 days ago9 views

CVE-2026-14625

The vulnerability CVE-2026-14625 affects NousResearch hermes-agent up to version 0.15.2. The issue lies in the shell.exec function within tui_gateway/server.py, enabling a remote attack and causing a protection mechanism failure. Public exploit appears to be available. Vendor was notified but did...

6.5CVSS6.2AI score0.00224EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41664

A security flaw has been discovered in NousResearch hermes-agent up to 0.15.2. The affected element is the function shell.exec of the file tuigateway/server.py. The manipulation results in protection mechanism failure. It is possible to launch the attack remotely. The exploit has been released to...

6.5CVSS6.2AI score0.00224EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago9 views

EUVD-2026-41654

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS5.1AI score0.00237EPSS
Exploits0References9
CVE
CVE
added 3 days ago13 views

CVE-2026-14617

CVE-2026-14617 affects NousResearch hermes-agent (up to 2026.4.30). The issue resides in GatewayStreamConsumer._filter_and_accumulate (gateway/stream_consumer.py) within the Streaming Reasoning Tag Filter, where improper handling of case sensitivity is reported as the underlying root cause. The v...

3.1CVSS5.1AI score0.00237EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/09 2:58 a.m.13 views

CVE-2026-11461

A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolvesessionbytitle of the file hermesstate.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotel...

6.5CVSS6.1AI score0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/08 12:30 a.m.18 views

EUVD-2026-34992

A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolvesessionbytitle of the file hermesstate.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotel...

6.5CVSS5.1AI score0.00225EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/07 9:45 p.m.35 views

CVE-2026-11461 NousResearch hermes-agent resume Endpoint hermes_state.py resolve_session_by_title authorization

A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolvesessionbytitle of the file hermesstate.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotel...

6.5CVSS0.00225EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.20 views

PT-2026-47189

Name of the Vulnerable Software and Affected Versions NousResearch hermes-agent versions prior to 0.12.1 Description An authorization bypass exists in the resume endpoint. The issue occurs within the resolve session by title function located in the hermes state.py file. A remote attacker can...

6.5CVSS6.6AI score0.00225EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.11 views

CVE-2026-7396

A vulnerability was identified in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/wecom.py of the component WeChat Work Platform Adapter. The manipulation leads to path traversal. It is possible to initiate the attack remotely. T...

6.9CVSS5.6AI score0.00479EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 12:30 a.m.14 views

EUVD-2026-33856

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function syncanthropicentryfromcredentialsfile of the file agent/credentialpool.py of the component Credential Pool Synchronization. The manipulation results in improper authentication. The attack...

5.3CVSS5.6AI score0.0014EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.16 views

PT-2026-45677

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function sync anthropic entry from credentials file of the file agent/credential pool.py of the component Credential Pool Synchronization. The manipulation results in improper authentication. The...

5.3CVSS5.6AI score0.0014EPSS
Exploits0References6
NVD
NVD
added 2026/06/01 6:16 a.m.17 views

CVE-2026-10223

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the function scanmemorycontent of the file tools/memorytool.py. This manipulation causes injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used f...

6.5CVSS0.00228EPSS
Exploits0References5
NVD
NVD
added 2026/06/01 6:16 a.m.26 views

CVE-2026-10222

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function sanitizeenvlines of the file hermescli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires a high level of...

6.3CVSS0.00266EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/01 4:30 a.m.10 views

CVE-2026-10224 NousResearch hermes-agent Webhook Endpoint feishu.py _handle_webhook_request resource consumption

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function handlewebhookrequest of the file gateway/platforms/feishu.py of the component Webhook Endpoint. Such manipulation leads to resource consumption. The attack can be...

6.9CVSS5.6AI score0.00372EPSS
Exploits0References5
CVE
CVE
added 2026/06/01 4:30 a.m.37 views

CVE-2026-10224

Technical details about CVE-2026-10224 are not publicly available in the provided documents. Monitor for updates.

6.9CVSS5.6AI score0.00372EPSS
Exploits0References5
Rows per page
Query Builder