EUVD-2026-33557
GHSA-pmqc-57g8-c22c
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function _handle_webhook_request of the file gateway/platforms/feishu.py of the component Webhook Endpoint. Such manipulation leads to resource consumption. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
Uncontrolled resource consumption in NousResearch hermes-agent (all versions through 2026.4.30) allows remote unauthenticated attackers to degrade service availability by sending crafted requests to the Feishu webhook endpoint. The vulnerable function _handle_webhook_request in gateway/platforms/feishu.py fails to bound resource usage during webhook processing, enabling denial-of-service conditions. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The Feishu (Lark) webhook integration must be enabled in hermes-agent and the webhook HTTP endpoint must be reachable from the attacker's network - this is a non-default feature requiring deliberate configuration of the Feishu platform integration. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score of 5.3 (Medium) reflects a network-reachable, low-complexity, unauthenticated attack (AV:N/AC:L/PR:N/UI:N) with only partial availability impact (A:L) and no confidentiality or integrity consequence. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with network access to the hermes-agent Feishu webhook endpoint sends a series of crafted HTTP POST requests designed to trigger disproportionate resource consumption within the `_handle_webhook_request` function - requiring no authentication or prior access per the CVSS PR:N/AC:L vector. A publicly available proof-of-concept on GitHub (https://gist.github.com/YLChen-007/0304e313d811f187ade93d3b01de0f87) demonstrates the technique, lowering the skill bar for exploitation. … |
| Remediation | No vendor-released patch has been identified at time of analysis, and the vendor did not respond to the original disclosure. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Share
External POC / Exploit Code
Leaving vuln.today