Impact
Hermes Agent prior to version 0.16.0 creates the files response_store.db and webhook_subscriptions.json with world‑readable permissions (mode 0o644). This allows any local system user to read conversation histories, tool payloads, prompts, and per‑route HMAC secrets, compromising the confidentiality of the data processed by the agent.
Affected Systems
The vulnerability affects the NousResearch Hermes Agent product. Any deployment of Hermes Agent before version 0.16.0 is susceptible; specific releases such as v2026.6.5 are included. Users must verify whether their installation falls within this range and upgrade accordingly.
Risk and Exploitability
The CVSS score of 6.8 classifies the flaw as moderate severity. The EPSS score of less than 1% indicates a low probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. Attackers require local filesystem access, so the likely scenario is a compromised or shared environment where a non‑privileged user could read the affected files. The flaw does not enable remote code execution, but it exposes sensitive data that could be leveraged downstream.
OpenCVE Enrichment
Github GHSA