Lucene search
+L

4 matches found

EUVD
EUVD
added 2026/04/22 12:31 a.m.5 views

EUVD-2026-24506

nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update,...

6.3CVSS5.9AI score0.0026EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/21 9:9 p.m.8 views

CVE-2026-6829

nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update,...

6.3CVSS5.9AI score0.0026EPSS
Exploits0References5
OSV
OSV
added 2026/04/21 9:9 p.m.3 views

CVE-2026-6829 nesquena hermes-webui Arbitrary Workspace Directory Access

nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update,...

5.3CVSS6.1AI score0.0026EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.22 views

PT-2026-34193

nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update,...

6.3CVSS5.9AI score0.0026EPSS
Exploits0References6
Rows per page
Query Builder