Skip to main content

Hermes WebUI CVE-2026-49973

| EUVDEUVD-2026-36306 CRITICAL
Missing Authentication for Critical Function (CWE-306)
2026-06-11 VulnCheck GHSA-p52p-4vmg-4vq3
9.2
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
9.2 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.7 HIGH

Network-reachable and unauthenticated (AV:N/PR:N/UI:N), but exploitable only during the first-run setup window, so AC:H; full admin takeover gives C:H/I:H, with availability limited to operator lockout (A:L).

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 11, 2026 - 20:21 vuln.today
Analysis Generated
Jun 11, 2026 - 20:21 vuln.today

DescriptionCVE.org

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the _set_password parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable network can send a POST request to the settings endpoint during the first-run setup window to persist an arbitrary password hash, obtain a valid session cookie, and lock out the legitimate operator from their own instance.

AnalysisAI

Unauthenticated initial-setup hijack in Hermes WebUI before 0.51.358 allows any remote attacker who can reach the settings API endpoint during the first-run window to POST the _set_password parameter, persist an arbitrary password hash, and obtain a valid administrative session cookie. The flaw, reported by VulnCheck and tracked as an improper access control (CWE-306) issue, locks the legitimate operator out of their own instance and grants full administrative control. No public exploit identified at time of analysis, but an upstream fix landed in release v0.51.358.

Technical ContextAI

Hermes WebUI (cpe:2.3:a:nesquena:hermes-webui) is a web administration interface whose first-run bootstrap routine exposes a settings API endpoint that accepts a _set_password parameter to provision the initial administrator credential. The root cause is CWE-306 (Missing Authentication for a Critical Function): the endpoint applies no network-origin restriction, no setup-token requirement, and no check that the request originates from a trusted local or installer context, so any reachable client can complete the bootstrap. The fix shipped as the 'first-run password bootstrap hardening' change referenced in PR #3964 and merged via PR #3973, landing in tag v0.51.358 (commit 1126e541325d401538f6a272a9c024c37d47ae08).

RemediationAI

Vendor-released patch: upgrade to Hermes WebUI v0.51.358 or later, which includes the first-run password bootstrap hardening change (PRs https://github.com/nesquena/hermes-webui/pull/3964 and https://github.com/nesquena/hermes-webui/pull/3973, commit https://github.com/nesquena/hermes-webui/commit/1126e541325d401538f6a272a9c024c37d47ae08). If upgrade is not immediately possible, complete the first-run setup yourself before exposing the instance to any untrusted network so the bootstrap window closes, and restrict network access to the settings endpoint (for example bind the listener to 127.0.0.1 or place it behind an authenticating reverse proxy or VPN until provisioning is finished) - the trade-off is that administrators will need to provision via the loopback or proxy path rather than directly from a remote browser.

CVE-2026-58123 CRITICAL
9.3 Jul 09

Unauthenticated remote code execution in Hermes WebUI before version 0.51.788 lets remote attackers run arbitrary shell

CVE-2026-58122 CRITICAL
9.3 Jul 09

Authentication bypass in Hermes WebUI before 0.51.307 lets unauthenticated remote attackers reach onboarding endpoints t

CVE-2026-55196 CRITICAL
9.1 Jun 17

Authentication bypass in Hermes WebUI before 0.51.409 allows unauthenticated remote attackers to register the first pass

CVE-2026-53871 HIGH
8.6 Jun 17

Cross-profile authorization bypass in Hermes WebUI before 0.51.368 allows authenticated users to access sessions, files,

CVE-2026-6832 HIGH
7.2 Apr 21

Hermes WebUI contains an arbitrary file deletion vulnerability in the /api/session/delete endpoint that allows authentic

CVE-2026-11322 HIGH
7.1 Jun 04

Information disclosure in Hermes WebUI before v0.51.221 allows authenticated remote attackers to read arbitrary files ou

CVE-2026-49956 HIGH
7.1 Jun 09

Cross-profile data disclosure in Hermes WebUI before 0.51.269 allows authenticated users to read session titles and tran

CVE-2026-55198 HIGH
7.1 Jun 17

Cross-profile session data exfiltration in Hermes WebUI before 0.51.443 lets any authenticated user retrieve session tra

CVE-2026-55197 HIGH
7.1 Jun 17

Cross-profile session disclosure in Hermes WebUI before 0.51.443 lets any authenticated user retrieve conversation trans

CVE-2026-49955 MEDIUM
6.9 Jun 09

Resource exhaustion in Hermes WebUI before v0.51.270 allows unauthenticated remote attackers to degrade service availabi

CVE-2026-55205 MEDIUM
6.9 Jun 18

Resource exhaustion in Hermes WebUI before 0.51.468 exposes an unauthenticated POST /api/onboarding/oauth/start endpoint

CVE-2026-58174 MEDIUM
6.0 Jun 30

Cross-profile workspace isolation bypass in Hermes WebUI before 0.51.521 allows an authenticated low-privilege user oper

Share

CVE-2026-49973 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy