Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
9DescriptionCVE.org
A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The manipulation of the argument _INSECURE_NO_AUTH results in missing authentication. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitation is known to be difficult. The exploit has been made public and could be used. The project was informed of the problem early through a pull request but has not reacted yet.
AnalysisAI
Authentication bypass in hermes-agent 0.8.0 webhook endpoint allows remote attackers to bypass authentication controls via manipulation of the _INSECURE_NO_AUTH parameter, resulting in limited confidentiality and integrity impact. The vulnerability requires high attack complexity and has publicly available exploit code; vendor patch is available but the project has not yet merged the fix despite early notification.
Technical ContextAI
The vulnerability exists in the Webhooks Endpoint component, specifically in the gateway/platforms/webhook.py file. The root cause is CWE-306 (Missing Authentication Check), where the _INSECURE_NO_AUTH parameter is processed without proper validation, allowing attackers to manipulate authentication logic. This appears to be a feature flag or debug parameter that was left accessible in production code without appropriate guards. The webhook endpoint in Python frameworks like Flask or FastAPI typically handles incoming HTTP requests; if authentication checks are conditionally bypassed based on an unsanitized parameter, remote clients can craft requests that skip authentication entirely.
RemediationAI
Apply the vendor-released patch available in GitHub pull request #6445 to hermes-agent. Organizations should update to the patched version as soon as testing permits. Immediate compensating control: disable or restrict network access to the webhook endpoint (gateway/platforms/webhook.py) if the service is not in active use, reducing the attack surface. If the endpoint must remain accessible, implement network-level authentication such as mutual TLS (mTLS), IP allowlisting, or reverse proxy authentication to validate requests before they reach the application layer. Verify that the _INSECURE_NO_AUTH parameter is not accessible in production configurations; if found in environment variables or config files, remove it immediately. After patching, conduct a review of webhook request logs to detect any prior exploitation attempts.
More in Hermes Agent
View allRemote command injection in NousResearch hermes-agent allows unauthenticated attackers to execute arbitrary OS commands
Path traversal in NousResearch hermes-agent (all versions through 2026.5.16) exposes arbitrary server-side files via the
Path traversal in NousResearch hermes-agent through version 2026.4.16 allows remote unauthenticated attackers to bypass
Remote sandbox escape in NousResearch hermes-agent versions up to 2026.4.16 allows unauthenticated attackers to manipula
Remote code/prompt injection in NousResearch Hermes Agent through 0.12.0 stems from improper neutralization in the _comp
Remote injection in NousResearch Hermes Agent through version 2026.4.30 allows unauthenticated attackers to manipulate t
Code injection in NousResearch hermes-agent 2026.4.23 allows remote unauthenticated attackers to inject and execute arbi
Remote injection vulnerability in NousResearch hermes-agent versions up to 2026.4.23 enables unauthenticated attackers t
Uncontrolled resource consumption in NousResearch hermes-agent (all versions through 2026.4.30) allows remote unauthenti
Missing authorization in NousResearch hermes-agent versions up to 2026.4.16 allows remote attackers to bypass authentica
Information disclosure in NousResearch hermes-agent allows remote unauthenticated attackers to extract sensitive data vi
A vulnerability was identified in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25818