Skip to main content

Hermes WebUI CVE-2026-49956

| EUVDEUVD-2026-35497 HIGH
Missing Authorization (CWE-862)
2026-06-09 VulnCheck GHSA-mgxw-v6rh-wcv6
7.1
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
7.1 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (VulnCheck) · only source for this CVE.

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

7
Analysis Updated
Jun 09, 2026 - 17:29 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 09, 2026 - 17:29 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jun 09, 2026 - 17:22 vuln.today
cvss_changed
Severity Changed
Jun 09, 2026 - 17:22 NVD
MEDIUM HIGH
CVSS changed
Jun 09, 2026 - 17:22 NVD
6.5 (MEDIUM) 7.1 (HIGH)
Source Code Evidence Fetched
Jun 09, 2026 - 16:52 vuln.today
Analysis Generated
Jun 09, 2026 - 16:52 vuln.today

DescriptionCVE.org

Hermes WebUI before version 0.51.269 contains a profile isolation bypass vulnerability that allows authenticated users to access data belonging to other profiles by querying the session search endpoint without active-profile filtering. Attackers can send requests to the sessions search handler to retrieve session titles and transcript message content from profiles other than their own active profile.

AnalysisAI

Cross-profile data disclosure in Hermes WebUI before 0.51.269 allows authenticated users to read session titles and transcript message content from other users' profiles by querying the sessions search endpoint, which fails to scope results to the caller's active profile. The flaw was reported by VulnCheck and a vendor patch is available; no public exploit identified at time of analysis, but the issue is trivial to trigger for any logged-in account.

Technical ContextAI

Hermes WebUI is a Node/web front-end (CPE cpe:2.3:a:nesquena:hermes-webui) that organizes conversation sessions under per-user 'profiles' for isolation. The root cause is CWE-862 (Missing Authorization): the sessions search handler executes the query without applying the active-profile filter that the rest of the application relies on for tenant separation, so authorization is enforced inconsistently across endpoints. The disclosed data includes user-generated session titles and transcript message bodies, meaning any sensitive content typed into chats is reachable through the same handler.

RemediationAI

Vendor-released patch: upgrade to Hermes WebUI 0.51.269 or later, which lands the fix tracked in pull requests https://github.com/nesquena/hermes-webui/pull/3646 and https://github.com/nesquena/hermes-webui/pull/3672 and commit https://github.com/nesquena/hermes-webui/commit/2c7b530071bb29ae4184e83e33be5799d529568e. Until the upgrade can be deployed on multi-user instances, restrict access to the sessions search endpoint at the reverse proxy (for example, block or require an additional auth header on the sessions search route) and consider running each user in an isolated single-profile deployment; both controls degrade search functionality or increase operational overhead but eliminate cross-profile reads. Monitor application logs for unusual volumes of sessions search queries from low-privilege accounts and rotate any chat content that may have been exposed.

CVE-2026-58123 CRITICAL
9.3 Jul 09

Unauthenticated remote code execution in Hermes WebUI before version 0.51.788 lets remote attackers run arbitrary shell

CVE-2026-58122 CRITICAL
9.3 Jul 09

Authentication bypass in Hermes WebUI before 0.51.307 lets unauthenticated remote attackers reach onboarding endpoints t

CVE-2026-55196 CRITICAL
9.1 Jun 17

Authentication bypass in Hermes WebUI before 0.51.409 allows unauthenticated remote attackers to register the first pass

CVE-2026-49973 CRITICAL
9.2 Jun 11

Unauthenticated initial-setup hijack in Hermes WebUI before 0.51.358 allows any remote attacker who can reach the settin

CVE-2026-53871 HIGH
8.6 Jun 17

Cross-profile authorization bypass in Hermes WebUI before 0.51.368 allows authenticated users to access sessions, files,

CVE-2026-6832 HIGH
7.2 Apr 21

Hermes WebUI contains an arbitrary file deletion vulnerability in the /api/session/delete endpoint that allows authentic

CVE-2026-11322 HIGH
7.1 Jun 04

Information disclosure in Hermes WebUI before v0.51.221 allows authenticated remote attackers to read arbitrary files ou

CVE-2026-55198 HIGH
7.1 Jun 17

Cross-profile session data exfiltration in Hermes WebUI before 0.51.443 lets any authenticated user retrieve session tra

CVE-2026-55197 HIGH
7.1 Jun 17

Cross-profile session disclosure in Hermes WebUI before 0.51.443 lets any authenticated user retrieve conversation trans

CVE-2026-49955 MEDIUM
6.9 Jun 09

Resource exhaustion in Hermes WebUI before v0.51.270 allows unauthenticated remote attackers to degrade service availabi

CVE-2026-55205 MEDIUM
6.9 Jun 18

Resource exhaustion in Hermes WebUI before 0.51.468 exposes an unauthenticated POST /api/onboarding/oauth/start endpoint

CVE-2026-58174 MEDIUM
6.0 Jun 30

Cross-profile workspace isolation bypass in Hermes WebUI before 0.51.521 allows an authenticated low-privilege user oper

Share

CVE-2026-49956 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy