Tag
high
advisory
NousResearch hermes-agent Injection Vulnerability (CVE-2026-9366)
2 rules 1 TTP 1 CVEA remote injection vulnerability exists in NousResearch hermes-agent 2026.4.23 within the _scan_context_content function of the agent/prompt_builder.py file, allowing attackers to inject malicious code.
hermes-agent
cve
injection
2r
1t
1c
high
advisory
NousResearch hermes-agent Missing Authorization Vulnerability (CVE-2026-9350)
2 rules 1 TTP 1 CVEA missing authorization vulnerability (CVE-2026-9350) exists in NousResearch hermes-agent up to version 2026.4.16, affecting the `check_all_command_guards` function in `tools/approval.py` of the Batch Runner component, enabling remote attackers to bypass authorization checks.
hermes-agent
cve
authorization
2r
1t
1c