Hermes

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-22798 PyPI MEDIUM PATCH This Month

Hermes versions up to 0.9.1 is affected by insertion of sensitive information into log file (CVSS 5.9).

Information Disclosure Hermes
NVD GitHub
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-1293 Go HIGH PATCH This Week

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. Rated high severity (CVSS 8.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Hermes Suse
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2026-22798 PyPI
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Hermes versions up to 0.9.1 is affected by insertion of sensitive information into log file (CVSS 5.9).

Information Disclosure Hermes
NVD GitHub
CVE-2025-1293 Go
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. Rated high severity (CVSS 8.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Hermes Suse
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy