Vulnerabilidades em NousResearch
22 resultadosCVE-2026-9367MEDIUMNousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command injectionEPSS 1.7%CVE-2026-9351MEDIUMNousResearch hermes-agent read_file Tool file_tools.py _is_blocked_device path traversalEPSS 0.7%CVE-2026-53869HIGHHermes Agent < 0.16.0 - DNS Rebinding Bypass via WebSocket EndpointsEPSS 0.6%CVE-2026-7396MEDIUMNousResearch hermes-agent WeChat Work Platform Adapter wecom.py path traversalEPSS 0.5%CVE-2026-9368MEDIUMNousResearch hermes-agent Environment Variable code_execution_tool.py execute_code sandboxEPSS 0.4%CVE-2026-10224MEDIUMNousResearch hermes-agent Webhook Endpoint feishu.py _handle_webhook_request resource consumptionEPSS 0.4%CVE-2026-7113MEDIUMNousResearch hermes-agent Webhooks Endpoint webhook.py missing authenticationEPSS 0.4%CVE-2026-7112MEDIUMNousResearch hermes-agent API_SERVER_KEY api_server.py _check_auth improper authenticationEPSS 0.4%CVE-2026-9354MEDIUMNousResearch hermes-agent Slack Agent/Mattermost Agent escape outputEPSS 0.3%CVE-2026-10221MEDIUMNousResearch hermes-agent run_agent.py _compress_context injectionEPSS 0.3%CVE-2026-9353MEDIUMNousResearch hermes-agent Skills Guard Multi-Word Prompt skills_guard.py injectionEPSS 0.3%CVE-2026-10220MEDIUMNousResearch hermes-agent skills_tool.py skill_view injectionEPSS 0.3%CVE-2026-9366MEDIUMNousResearch hermes-agent prompt_builder.py _scan_context_content injectionEPSS 0.3%CVE-2026-9352MEDIUMNousResearch hermes-agent Messaging Gateway local.py _make_run_env information disclosureEPSS 0.3%CVE-2026-9350MEDIUMNousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorizationEPSS 0.3%CVE-2026-10222MEDIUMNousResearch hermes-agent config.py _sanitize_env_lines injectionEPSS 0.3%CVE-2026-10223MEDIUMNousResearch hermes-agent memory_tool.py _scan_memory_content injectionEPSS 0.2%CVE-2026-9369MEDIUMNousResearch hermes-agent CLI web-dashboard web_server.py _discover_dashboard_plugins comparisonEPSS 0.2%CVE-2026-11461MEDIUMNousResearch hermes-agent resume Endpoint hermes_state.py resolve_session_by_title authorizationEPSS 0.2%CVE-2026-10548MEDIUMNousResearch hermes-agent Credential Pool Synchronization credential_pool.py _sync_anthropic_entry_from_credentials_file improper authenticationEPSS 0.1%