Skip to main content

hermes-agent CVE-2026-14617

| EUVDEUVD-2026-41654 LOW
Improper Handling of Case Sensitivity (CWE-178)
2026-07-03 cna@vuldb.com GHSA-pxqg-8rwp-q2x2
1.3
CVSS 4.0 · Vendor: vuldb

Severity by source

Vendor (vuldb) PRIMARY
1.3 LOW
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
3.1 LOW

Network vector with authenticated low-privilege access and high complexity required; impact is confidentiality-only at low severity with no scope change.

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
4.0 AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (vuldb).

CVSS VectorVendor: vuldb

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 03, 2026 - 22:30 vuln.today

DescriptionCVE.org

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer._filter_and_accumulate of the file gateway/stream_consumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case sensitivity. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used. The project decided to not implement a dedicated fix: "[T]he analysis and the fix are both sound. It just lands below the bar for the maintenance cost of a duplicated scrub path."

AnalysisAI

Case-sensitivity bypass in NousResearch hermes-agent through version 2026.4.30 allows authenticated remote attackers to leak limited reasoning content that should have been scrubbed by the Streaming Reasoning Tag Filter. The vulnerability resides in GatewayStreamConsumer._filter_and_accumulate within gateway/stream_consumer.py, where tag matching fails to account for case variations, permitting reasoning tokens to escape filtration. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege credentials to hermes-agent
Delivery
Send streaming request with case-varied reasoning tag markers
Exploit
Tag filter fails case-sensitive match
Execution
Reasoning content bypasses scrubber
Impact
Attacker reads leaked reasoning tokens in response stream

Vulnerability AssessmentAI

Exploitation Exploitation requires authenticated access with at minimum low-privilege credentials (PR:L in the CVSS 4.0 vector) - unauthenticated exploitation is not supported by the available data. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The aggregate risk picture is low. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated user with network access to the hermes-agent streaming endpoint crafts requests that inject reasoning tags using non-standard casing variations. When the streamed response is processed by `_filter_and_accumulate`, the case-sensitive filter fails to match and scrub the reasoning tokens, causing the internal reasoning content to be returned in the output stream. …
Remediation No vendor-released patch is planned. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-14617 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy