Description
Hermes WebUI before 0.51.521 validates the workspace of an imported session under the active named profile but constructs the Session object without setting its profile in the /api/session/import handler, so the imported session is persisted with a null profile. Because a null profile is treated as the default profile by the profile authorization check, a user on the default profile can export the imported session transcript and use its session identifier to read files from the named profile's workspace, defeating the application's profile isolation.
Published: 2026-06-30
Score: 6 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Hermes WebUI versions prior to 0.51.521 validate the workspace of an imported session against the active named profile, but the /api/session/import handler constructs the Session object without assigning a profile. The resulting session is persisted with a null profile, and the application treats a null profile as the default profile during authorization checks. Consequently, a user with only default‑profile access can import a session belonging to a higher‑privilege named profile, export its transcript, and use the session identifier to read files from that other profile’s workspace, thereby bypassing intended profile isolation.

Affected Systems

The issue affects the Hermes WebUI application from nesquena, specifically all releases older than version 0.51.521. The vulnerable component is the session import endpoint, /api/session/import, which processes imported session data.

Risk and Exploitability

The CVSS score of 6.0 indicates moderate severity. The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, suggesting that public exploitation data is limited. An attacker would need to be authenticated to the system and must be able to access the /api/session/import endpoint, which is typically available to all authenticated users. While the description does not explicitly state the availability of this endpoint, it is inferred that the endpoint is accessible once a user is authenticated. Once the import is performed, the attacker can export the session transcript and use the session identifier to read files from a named profile’s workspace, thereby achieving unauthorized file access across profiles.

Generated by OpenCVE AI on June 30, 2026 at 17:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Hermes WebUI to version 0.51.521 or later, where the session import handler correctly assigns the profile and restores isolation.
  • If an upgrade cannot be performed immediately, restrict the /api/session/import endpoint so that only administrators can use it, or disable the import functionality entirely for non‑administrative users.
  • Monitor and audit session import activity and file access logs for evidence of cross‑profile access; investigate any anomalous sessions promptly.

Generated by OpenCVE AI on June 30, 2026 at 17:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 30 Jun 2026 16:45:00 +0000

Type Values Removed Values Added
Description Hermes WebUI before 0.51.521 validates the workspace of an imported session under the active named profile but constructs the Session object without setting its profile in the /api/session/import handler, so the imported session is persisted with a null profile. Because a null profile is treated as the default profile by the profile authorization check, a user on the default profile can export the imported session transcript and use its session identifier to read files from the named profile's workspace, defeating the application's profile isolation.
Title Hermes WebUI < 0.51.521 - Cross-Profile Authorization Bypass via Unset Session Profile on Import
Weaknesses CWE-732
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-30T16:47:35.711Z

Reserved: 2026-06-29T16:03:38.522Z

Link: CVE-2026-58174

cve-icon Vulnrichment

Updated: 2026-06-30T16:47:31.062Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-30T18:00:06Z

Weaknesses
  • CWE-732

    Incorrect Permission Assignment for Critical Resource