{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/hermes-agent-2026.4.23/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-9366"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["hermes-agent (2026.4.23)"],"_cs_severities":["high"],"_cs_tags":["cve","injection","hermes-agent"],"_cs_type":"advisory","_cs_vendors":["NousResearch"],"content_html":"\u003cp\u003eA vulnerability, identified as CVE-2026-9366, has been discovered in NousResearch hermes-agent version 2026.4.23. This injection vulnerability resides within the _scan_context_content function located in the agent/prompt_builder.py file. The vulnerability can be exploited remotely, and publicly available exploits exist. The vendor was contacted about the disclosure but did not respond. This vulnerability matters because it allows attackers to inject malicious code into the application potentially leading to arbitrary code execution.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable instance of NousResearch hermes-agent running version 2026.4.23.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious input string designed to exploit the injection vulnerability in the \u003ccode\u003e_scan_context_content\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eAttacker sends the crafted input to the vulnerable function, potentially through a network request or API call.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003e_scan_context_content\u003c/code\u003e function fails to properly neutralize special elements within the input, leading to code injection.\u003c/li\u003e\n\u003cli\u003eThe injected code is executed within the context of the hermes-agent application.\u003c/li\u003e\n\u003cli\u003eThe attacker gains control over parts of the application.\u003c/li\u003e\n\u003cli\u003eThe attacker escalates privileges within the application.\u003c/li\u003e\n\u003cli\u003eThe attacker achieves arbitrary code execution on the server.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-9366 can allow an attacker to execute arbitrary code on the server running NousResearch hermes-agent. The affected version is 2026.4.23. Given the nature of injection vulnerabilities, it\u0026rsquo;s plausible that attackers could leverage this to gain full control over the system, potentially leading to data breaches, service disruption, or further lateral movement within the network.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade NousResearch hermes-agent to a patched version that addresses CVE-2026-9366 (no version available).\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization for the \u003ccode\u003e_scan_context_content\u003c/code\u003e function in \u003ccode\u003eagent/prompt_builder.py\u003c/code\u003e to prevent injection attacks.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for suspicious patterns and payloads targeting the hermes-agent application.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rules provided below to your SIEM to detect potential exploitation attempts of CVE-2026-9366.\u003c/li\u003e\n\u003cli\u003eEnable and review application logs for anomalies related to the \u003ccode\u003e_scan_context_content\u003c/code\u003e function.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T13:46:26Z","date_published":"2026-05-26T13:46:26Z","id":"https://feed.craftedsignal.io/briefs/2026-05-nousresearch-injection/","summary":"A remote injection vulnerability exists in NousResearch hermes-agent 2026.4.23 within the _scan_context_content function of the agent/prompt_builder.py file, allowing attackers to inject malicious code.","title":"NousResearch hermes-agent Injection Vulnerability (CVE-2026-9366)","url":"https://feed.craftedsignal.io/briefs/2026-05-nousresearch-injection/"}],"language":"en","title":"CraftedSignal Threat Feed — Hermes-Agent (2026.4.23)","version":"https://jsonfeed.org/version/1.1"}