
hermes-agent CVE-2026-11461

EUVD-2026-34992 · LOW
Authorization Bypass Through User-Controlled Key (CWE-639)
2026-06-07 · VulDB · GHSA-9396-xwf6-94hp
CVSS 4.0 base score 2.1 (NVD)

Severity by source

NVD (primary): 2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline (3 events)

Severity Changed: Jun 07, 2026 22:22 (NVD): MEDIUM to LOW
CVSS changed: Jun 07, 2026 22:22 (NVD): 6.3 (MEDIUM) to 2.1 (LOW)
Analysis Generated: Jun 07, 2026 22:13 (vuln.today)

Description (CVE.org)

A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolve_session_by_title of the file hermes_state.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Analysis (AI)

Authorization bypass in NousResearch hermes-agent up to 0.12.0 allows remote low-privileged authenticated attackers to access or manipulate sessions belonging to other users by supplying an arbitrary session title to the resume endpoint's resolve_session_by_title function without ownership verification. A public proof-of-concept exploit has been disclosed via GitHub Gist, and the vendor did not respond to pre-disclosure contact, meaning no patch is currently available. …
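The defect class the advisory names, CWE-639, is a lookup keyed only on a value the caller controls (here, a session title) with no check that the record belongs to the caller. The following Python illustration, added here and not taken from hermes-agent's code base, shows that pattern next to an ownership-scoped lookup; the in-memory session store, the Session type, the requester_id parameter and the resume/can_resume wrappers are constructed for this example, and only the function name resolve_session_by_title comes from the advisory.

```python
"""Illustration of CWE-639 in a session-resume lookup (constructed example).

NOT hermes-agent's code: the store, the Session type and the lookup
functions are written here to show the defect pattern the advisory
describes next to its ownership-scoped counterpart."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Session:
    session_id: str
    owner_id: str
    title: str


# Constructed sample data: two users, each with one agent session.
SESSIONS = [
    Session("s-1001", "alice", "quarterly report"),
    Session("s-1002", "bob", "travel plans"),
]


def resolve_session_by_title_unscoped(title: str) -> Optional[Session]:
    """Vulnerable pattern: the user-supplied title is the only key.

    Any authenticated caller who knows or guesses another user's title
    receives that user's session, which is exactly CWE-639."""
    for s in SESSIONS:
        if s.title == title:
            return s
    return None


def resolve_session_by_title(requester_id: str, title: str) -> Optional[Session]:
    """Hardened pattern: ownership is part of the query, not an afterthought.

    requester_id must come from the authenticated principal (session cookie,
    bearer token), never from the request body. A title owned by someone
    else simply does not resolve, so there is nothing to bypass."""
    for s in SESSIONS:
        if s.owner_id == requester_id and s.title == title:
            return s
    return None


def resume(requester_id: str, title: str) -> Session:
    """Endpoint-style wrapper with a second ownership check.

    The re-check is defence in depth: if a later refactor drops the scoping
    from the lookup, the endpoint still refuses foreign sessions. A missing
    title and a foreign title raise the same error so the endpoint does not
    act as an oracle for which titles exist."""
    session = resolve_session_by_title(requester_id, title)
    if session is None or session.owner_id != requester_id:
        raise LookupError("no such session for this user")
    return session


def can_resume(requester_id: str, title: str) -> bool:
    """True when the requester may resume the titled session."""
    try:
        resume(requester_id, title)
        return True
    except LookupError:
        return False


if __name__ == "__main__":
    # The unscoped lookup hands bob's session to anyone; the scoped one does not.
    print(resolve_session_by_title_unscoped("travel plans").owner_id)  # bob
    print(resolve_session_by_title("alice", "travel plans"))             # None
    print(can_resume("bob", "travel plans"), can_resume("alice", "travel plans"))
```

For detection, the scoped form also gives you a cheap signal: log every resume request whose title fails to resolve for the authenticated requester, and alert on one account accumulating such failures across many distinct titles, which is the access pattern an enumeration attempt would produce.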


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Obtain low-privileged account credentials
Delivery: Send crafted HTTP request to resume endpoint
Exploit: Supply victim session title as title argument
Execution: Bypass ownership check in resolve_session_by_title
Impact: Retrieve or hijack target user's agent session data

Vulnerability Assessment (AI)

Exploitation: The attacker must possess a valid low-privileged account on the target hermes-agent instance, as confirmed by the CVSS vector PR:L; unauthenticated actors cannot exploit this without first obtaining credentials. …

Risk Assessment: The CVSS base score of 6.3 (Medium) reflects AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L: network-reachable, low complexity, requiring only low-privileged authentication with no user interaction and unchanged scope. …

Exploit Scenario: A publicly available proof-of-concept exploit exists at https://gist.github.com/YLChen-007/c2d162e9c8d39584223683cdcba98607. An attacker with a valid low-privileged account sends a crafted HTTP request to the hermes-agent resume endpoint, supplying the known or guessed title of another user's agent session as the `title` argument. …

Remediation: No vendor-released patch has been identified at time of analysis; the vendor did not respond to pre-disclosure contact, so no fix version is confirmed. …
