Which versions of hermes-agent are affected by CVE-2026-9350?

NousResearch hermes-agent versions up to 2026.4.16 contain an authorization bypass in the Batch Runner component that allows unauthenticated remote attackers to execute unauthorized commands,…

Is there a public PoC exploit available for CVE-2026-9350?

Yes, a public proof-of-concept exploit is available for CVE-2026-9350. Prioritise patching immediately. EPSS: 0.0%.

hermes-agent CVE-2026-9350

Q: What is the CVSS score of CVE-2026-9350?

CVE-2026-9350 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-31560 MEDIUM

Missing Authorization (CWE-862)

2026-05-24 VulDB

GHSA-4j8w-8wvv-4969

Authentication Bypass

5.5

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

May 26, 2026 - 19:52 NVD

HIGH MEDIUM

CVSS changed

May 26, 2026 - 19:52 NVD

7.3 (HIGH) 5.5 (MEDIUM)

Analysis Generated

May 24, 2026 - 03:45 vuln.today

DescriptionNVD

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check_all_command_guards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Missing authorization in NousResearch hermes-agent versions up to 2026.4.16 allows remote attackers to bypass authentication checks in the Batch Runner component, potentially executing unauthorized commands. The vulnerability affects the check_all_command_guards function in tools/approval.py and can be exploited without authentication. …

RemediationAI

Within 24 hours: Audit all systems running NousResearch hermes-agent versions ≤2026.4.16 and isolate affected instances from production networks. Within 7 days: Implement network-level restrictions to limit Batch Runner component exposure and disable the affected check_all_command_guards function in tools/approval.py if operationally feasible. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-9350 vulnerability details – vuln.today

Back

hermes-agent CVE-2026-9350

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

hermes-agent CVE-2026-9350

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code