Which versions of Hermes Agent are affected by CVE-2026-10220?

Organizations deploying NousResearch Hermes Agent versions through 2026.4.30 are exposed to unauthenticated remote attacks that could enable unauthorized access, data manipulation, and service…

Is there a public PoC exploit available for CVE-2026-10220?

Yes, a public proof-of-concept exploit is available for CVE-2026-10220. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-10220?

Within 24 hours: Inventory all systems running NousResearch Hermes Agent versions through 2026.4.30 and assess network accessibility of the affected endpoint. Within 7 days: Implement network access controls to restrict connectivity to the _serve_plugin_skill/skill_view function; deploy input filtering rules; disable the vulnerable feature if business requirements permit. Within 30 days: Monitor NousResearch vendor channels for security patches; evaluate alternative agent solutions if no patch timeline is announced.

Hermes Agent CVE-2026-10220

Q: What is the CVSS score of CVE-2026-10220?

CVE-2026-10220 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-33546 MEDIUM

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)

2026-06-01 VulDB

GHSA-vq96-9529-5crp

Information Disclosure Hermes Agent

5.5

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

5.5 MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

Jun 01, 2026 - 04:22 NVD

HIGH MEDIUM

CVSS changed

Jun 01, 2026 - 04:22 NVD

7.3 (HIGH) 5.5 (MEDIUM)

Analysis Generated

Jun 01, 2026 - 04:21 vuln.today

DescriptionCVE.org

A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function _serve_plugin_skill/skill_view of the file tools/skills_tool.py. Executing a manipulation can lead to injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Remote injection in NousResearch Hermes Agent through version 2026.4.30 allows unauthenticated attackers to manipulate the _serve_plugin_skill/skill_view function in tools/skills_tool.py. Publicly available exploit code exists via a GitHub gist, and the vendor has not responded to disclosure attempts, leaving deployments without an official fix. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Identify exposed Hermes Agent endpoint

Delivery

Craft injection payload for skill parameter

Exploit

Send request to skill_view route

Execution

Trigger injection in _serve_plugin_skill

Impact

Leak data or influence downstream component