Description
A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function _sanitize_env_lines of the file hermes_cli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-06-01
Score: 6.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the _sanitize_env_lines function of hermes_cli/config.py and permits an attacker to inject arbitrary content via environment variable lines. This injection can lead to remote code execution or manipulation of the agent's behaviour. The flaw is classified under CWE-74 (improper neutralization of special elements used by a downstream component, i.e. injection) and CWE-707 (improper neutralization).

Affected Systems

The affected product is NousResearch Hermes-agent, specifically all releases up to and including version 2026.4.30. No other variants or product lines are mentioned in the provided data.

Risk and Exploitability

The CVSS score of 6.3 indicates a moderate risk level. EPSS information is not available, but a public exploit has been released, demonstrating that the flaw can be weaponised. The attack requires a high level of complexity and is deemed difficult to execute, yet it can be carried out remotely, creating a tangible threat. The vulnerability is not listed in the CISA KEV catalog, suggesting no active exploitation campaigns at the time of reporting.

Generated by OpenCVE AI on June 1, 2026 at 06:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a Hermes-agent release newer than 2026.4.30 once it becomes available.
  • If an upgrade is not immediately feasible, apply input validation to sanitise or reject problematic environment variable lines before they are used by the agent.
  • Restrict and monitor the source of environment variables supplied to the agent to prevent unauthorized injection.
  • Notify NousResearch of the issue and request an official patch if none is forthcoming.

Tracking


Advisories

No advisories yet.

History

Mon, 01 Jun 2026 05:45:00 +0000

Values added (initial record; no values removed):

Description: A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function _sanitize_env_lines of the file hermes_cli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title: NousResearch hermes-agent config.py _sanitize_env_lines injection
First time appeared: Nousresearch; Nousresearch hermes-agent
Weaknesses: CWE-707; CWE-74
CPEs: cpe:2.3:a:nousresearch:hermes-agent:*:*:*:*:*:*:*:*
Vendors & Products: Nousresearch; Nousresearch hermes-agent
References: (none)
Metrics:

cvssV2_0

{'score': 5.1, 'vector': 'AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 5.6, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 5.6, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


Subscriptions

Nousresearch Hermes-agent
MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-01T04:00:11.313Z

Reserved: 2026-05-31T07:51:26.584Z

Link: CVE-2026-10222

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-06-01T06:16:36.053

Modified: 2026-06-01T06:16:36.053

Link: CVE-2026-10222

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-01T06:30:22Z

Weaknesses