Impact
A flaw in the extract_media function of the Live Webhook Endpoint allows an attacker to supply a crafted payload that triggers a path traversal condition. This vulnerability can enable remote actors to read or possibly write arbitrary files on the host running the Hermes Agent, leading to information disclosure or privilege escalation. An exploit is available publicly and can be launched from the network.
Affected Systems
NousResearch Hermes Agent versions up to 2026.5.16 are affected. Any deployments using this component and exposing the Live Webhook Endpoint to external traffic are at risk.
Risk and Exploitability
The CVSS score of 6.9 indicates moderate severity and the EPSS score is not provided, though the issue is publicly disclosed. The vulnerability is not listed in CISA’s KEV catalog. Attacks are remote and can be carried out by sending malicious data to the webhook endpoint, which then processes the payload in the extract_media routine without proper path sanitization. Failure to mitigate could allow an attacker to read sensitive files or alter configuration resources.
OpenCVE Enrichment