Description
nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update, /api/chat/start, and /api/workspaces/add. Attackers can repoint a session workspace to a directory outside the intended trusted root and then use ordinary file read and write APIs to access or modify files outside the intended workspace boundary within the permissions of the hermes-webui process.
Published: 2026-04-21
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized file read/write via trust-boundary bypass
Action: Patch Immediately
AI Analysis

Impact

The vulnerability is a trust-boundary failure that permits a logged-in user to set a session workspace to any existing directory on the host by altering path parameters in API endpoints such as /api/session/new, /api/session/update, /api/chat/start, and /api/workspaces/add. Once the workspace points outside the intended trusted root, the ordinary file read and write APIs operate there, so the attacker can read or modify any file the hermes-webui process itself can reach.

Affected Systems

The affected product is nesquena’s hermes-webui application. The advisory lists no affected version range; the issue was addressed in later releases, such as tag v0.50.34. Any deployment of the web interface still running an earlier version should be treated as vulnerable.

Risk and Exploitability

The CVSS v4.0 base score is 5.3 (Medium); the CVSS v3.1 vector scores 6.3. The EPSS probability is below 1%, and the issue is not currently listed in the CISA KEV catalog. Exploitation requires an authenticated user who can send requests to the API endpoints that accept a workspace path parameter; no user interaction is needed and the attack complexity is low. Successful exploitation grants read and write access to any file reachable with the hermes-webui process’s privileges, which may lead to data disclosure, tampering, or execution of malicious code if the process can write to files that are later executed or loaded.

Generated by OpenCVE AI on April 22, 2026 at 06:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade hermes-webui to version v0.50.34 or later, where the workspace path validation flaw has been fixed.
  • Configure role‑based access so that only trusted administrators can create or modify session workspaces.
  • Validate workspace paths at the application layer: canonicalise the requested path (resolving symlinks and `..`) and reject any request whose result does not lie within the designated trusted root. Apply the same check on every endpoint that accepts a workspace path, not only the one used to add workspaces.
  • Run hermes-webui with the least‑privilege file system permissions possible to limit the impact of any potential exploitation.
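The containment check recommended above, written out as an added example. This is not hermes-webui code: the project's real handlers, parameter names and implementation language are not given on this page, so the endpoint shape is assumed and only the check pattern matters. The block pairs a handler that accepts any existing directory (the behaviour the advisory describes) with a hardened resolver that canonicalises both the trusted root and the request and refuses absolute, `..` and symlink escapes; `demo()` exercises both against a constructed temporary directory tree.

```python
import os
import tempfile

# Added example, not hermes-webui code. Endpoint and parameter shapes are assumed.


class WorkspaceError(ValueError):
    """Raised when a requested workspace path is rejected."""


def vulnerable_set_workspace(requested: str) -> str:
    """The flaw the advisory describes: any existing directory is accepted,
    so an authenticated caller can point the session at /etc, $HOME, etc."""
    path = os.path.abspath(requested)
    if not os.path.isdir(path):
        raise WorkspaceError("not a directory")
    return path


def resolve_workspace(trusted_root: str, requested: str) -> str:
    """Hardened form: canonicalise both sides (symlinks and '..' included)
    and require the candidate to sit under the trusted root."""
    root = os.path.realpath(trusted_root)
    # A relative request is taken under the root. An absolute request makes
    # os.path.join discard the root, so it must pass containment on its own.
    candidate = os.path.realpath(os.path.join(root, requested))
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:  # different drives on Windows: never inside
        inside = False
    if not inside:
        raise WorkspaceError(f"{requested!r} resolves outside the trusted root")
    if not os.path.isdir(candidate):
        raise WorkspaceError(f"{requested!r} is not an existing directory")
    return candidate


def demo() -> dict:
    """Exercise both versions against a constructed directory tree:
    <tmp>/workspaces (trusted root) containing 'proj' and a symlink 'link'
    that points at <tmp>/secrets, a constructed directory outside the root."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "workspaces")
        outside = os.path.join(tmp, "secrets")
        os.makedirs(os.path.join(root, "proj"))
        os.makedirs(outside)
        os.symlink(outside, os.path.join(root, "link"))

        def accepted(fn, *args) -> bool:
            try:
                fn(*args)
                return True
            except WorkspaceError:
                return False

        return {
            # Vulnerable handler accepts a directory outside the root.
            "vuln_accepts_outside": accepted(vulnerable_set_workspace, outside),
            # Hardened handler still accepts a legitimate subdirectory...
            "fixed_accepts_proj": accepted(resolve_workspace, root, "proj"),
            # ...but refuses absolute, traversal and symlink escapes...
            "fixed_rejects_absolute": not accepted(resolve_workspace, root, outside),
            "fixed_rejects_dotdot": not accepted(resolve_workspace, root, "../secrets"),
            "fixed_rejects_symlink": not accepted(resolve_workspace, root, "link"),
            # ...and a path inside the root that does not exist.
            "fixed_rejects_missing": not accepted(resolve_workspace, root, "nope"),
        }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Note that the symlink case is why the check uses `realpath` rather than a string prefix test on the user-supplied value: a link created inside the root (or a root that is itself a symlink, as temporary directories often are) passes any prefix comparison but still escapes. Wire `resolve_workspace` into every handler that takes a workspace path, and store only its return value in the session.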


Advisories

No advisories yet.

History

Wed, 22 Apr 2026 13:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 22 Apr 2026 12:15:00 +0000

Type: First Time appeared
Values Added: Nesquena; Nesquena hermes-webui

Type: Vendors & Products
Values Added: Nesquena; Nesquena hermes-webui

Wed, 22 Apr 2026 00:00:00 +0000

Type: Description
Values Added: nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update, /api/chat/start, and /api/workspaces/add. Attackers can repoint a session workspace to a directory outside the intended trusted root and then use ordinary file read and write APIs to access or modify files outside the intended workspace boundary within the permissions of the hermes-webui process.

Type: Title
Values Added: nesquena hermes-webui Arbitrary Workspace Directory Access

Type: Weaknesses
Values Added: CWE-22

Type: References
Values Added: (none)

Type: Metrics
Values Added: cvssV3_1 {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}; cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-22T12:18:04.871Z

Reserved: 2026-04-21T20:58:02.047Z

Link: CVE-2026-6829

Vulnrichment

Updated: 2026-04-22T12:17:59.644Z

NVD

Status : Received

Published: 2026-04-21T22:16:20.690

Modified: 2026-04-21T22:16:20.690

Link: CVE-2026-6829

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T11:45:01Z

Weaknesses