Vendor
NousResearch hermes-agent <= 0.12.0 Code Injection Vulnerability (CVE-2026-10221)
2 rules 1 TTP 1 CVENousResearch hermes-agent up to version 0.12.0 is vulnerable to code injection in the _compress_context function of the run_agent.py file, allowing remote exploitation.
NousResearch hermes-agent Remote Code Injection Vulnerability (CVE-2026-10220)
2 rules 1 TTP 1 CVEA remote code injection vulnerability (CVE-2026-10220) exists in NousResearch hermes-agent versions up to 2026.4.30, affecting the _serve_plugin_skill/skill_view function in tools/skills_tool.py, potentially allowing attackers to inject arbitrary code.
NousResearch hermes-agent Sandbox Vulnerability (CVE-2026-9368)
2 rules 1 TTP 1 CVEA vulnerability in NousResearch hermes-agent up to version 2026.4.16 allows for remote exploitation of the execute_code function, leading to a sandbox escape.
NousResearch hermes-agent OS Command Injection Vulnerability (CVE-2026-9367)
2 rules 1 TTP 1 CVENousResearch hermes-agent up to version 5157f5427f19488b31c6fdebbacd15d798ce7f63 is vulnerable to OS command injection (CVE-2026-9367) in the `detect_dangerous_command` function allowing a remote attacker to execute arbitrary commands.
NousResearch hermes-agent Injection Vulnerability (CVE-2026-9366)
2 rules 1 TTP 1 CVEA remote injection vulnerability exists in NousResearch hermes-agent 2026.4.23 within the _scan_context_content function of the agent/prompt_builder.py file, allowing attackers to inject malicious code.
NousResearch hermes-agent Remote Code Injection Vulnerability (CVE-2026-9353)
2 rules 1 TTP 1 CVEA remote code injection vulnerability (CVE-2026-9353) exists in NousResearch hermes-agent up to version 2026.4.23, allowing attackers to inject malicious code by manipulating the THREAT_PATTERNS argument in the Skills Guard Multi-Word Prompt Handler component.
NousResearch hermes-agent Missing Authorization Vulnerability (CVE-2026-9350)
2 rules 1 TTP 1 CVEA missing authorization vulnerability (CVE-2026-9350) exists in NousResearch hermes-agent up to version 2026.4.16, affecting the `check_all_command_guards` function in `tools/approval.py` of the Batch Runner component, enabling remote attackers to bypass authorization checks.