Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-accessible with low complexity, but PR:L required per CVSS 4.0 source; impact limited to low confidentiality read - no integrity or availability effect.
Primary rating from Vendor (vuldb).
CVSS VectorVendor: vuldb
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skill_view of the file tools/skills_tool.py. Executing a manipulation of the argument Name can lead to path traversal. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 56f833efa427ccb444c0f9ad1759af1012f2124d. It is advisable to implement a patch to correct this issue.
AnalysisAI
Path traversal in NousResearch hermes-agent 2026.5.29.2 allows low-privilege authenticated remote attackers to read files outside the intended directory by supplying crafted path traversal sequences in the Name argument of the skill_view function within tools/skills_tool.py. Impact is confined to limited confidentiality exposure - no integrity or availability effect - consistent with the CVSS 4.0 score of 2.1 (Low). …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The attacker must hold a valid low-privilege authenticated session against the hermes-agent service - CVSS PR:L confirms authentication is required; unauthenticated exploitation is not supported by the available data. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base score of 2.1 (Low) reflects several mitigating factors: the attacker must be authenticated (PR:L), impact is read-only with limited confidentiality scope (VC:L), and there is no integrity or availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A publicly available exploit exists per the CVE description and CVSS E:P modifier. An authenticated attacker with low-privilege access sends a crafted HTTP request to the `skill_view` function with the `Name` parameter set to a path traversal payload such as `../../etc/passwd`, causing the application to resolve and return the contents of an arbitrary file on the host filesystem. … |
| Remediation | Apply the upstream fix via commit 56f833efa427ccb444c0f9ad1759af1012f2124d, available at https://github.com/NousResearch/hermes-agent/commit/56f833efa427ccb444c0f9ad1759af1012f2124d and tracked in pull request https://github.com/NousResearch/hermes-agent/pull/40566. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41794
GHSA-xq87-v97r-jw5g