Description
A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.23. Impacted is an unknown function of the file agent/skills_guard.py of the component Skills Guard Multi-Word Prompt Handler. The manipulation of the argument THREAT_PATTERNS leads to injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-24
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An injection vulnerability has been discovered in the Skills Guard Multi‑Word Prompt Handler component of NousResearch hermes‑agent. By manipulating the THREAT_PATTERNS argument in agent/skills_guard.py, an attacker can supply crafted input that is executed by the system. This flaw is a form of code injection that can lead to remote code execution. The weakness aligns with CWE‑74 for improper filtering and CWE‑707 for XML external entity mismanagement.

Affected Systems

This issue affects all installations of NousResearch hermes‑agent up to version 2026.4.23, as disclosed in the vendor product notes. No specific sub‑components or library versions are mentioned beyond the main module. Systems running newer releases are presumed unaffected but should verify the version.

Risk and Exploitability

The CVSS score of 6.9 indicates a medium‑to‑high severity, while the EPSS score is not provided, suggesting the exploitation likelihood is not quantified. Because the vulnerability allows remote exploitation and the exploit has been publicly disclosed, the risk is significant for exposed deployments. As the feature is not listed in CISA KEV, the criticality is moderate, yet administrators should treat it as a high‑priority patch once a fix is released.

Generated by OpenCVE AI on May 24, 2026 at 06:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade NousResearch hermes-agent to a version newer than 2026.4.23 that addresses the injection flaw.
  • Limit or validate input to the THREAT_PATTERNS parameter, ensuring only allowed patterns are accepted and removing any executable characters.
  • If an upgrade is not yet available, run the hermes-agent in a sandboxed or containerized environment with minimal privileges and enforce network isolation to reduce the impact of a potential exploitation.

Generated by OpenCVE AI on May 24, 2026 at 06:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 24 May 2026 05:00:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.23. Impacted is an unknown function of the file agent/skills_guard.py of the component Skills Guard Multi-Word Prompt Handler. The manipulation of the argument THREAT_PATTERNS leads to injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title NousResearch hermes-agent Skills Guard Multi-Word Prompt skills_guard.py injection
First Time appeared Nousresearch
Nousresearch hermes-agent
Weaknesses CWE-707
CWE-74
CPEs cpe:2.3:a:nousresearch:hermes-agent:*:*:*:*:*:*:*:*
Vendors & Products Nousresearch
Nousresearch hermes-agent
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Nousresearch Hermes-agent
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-24T03:45:07.511Z

Reserved: 2026-05-23T09:19:38.292Z

Link: CVE-2026-9353

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-24T06:30:05Z

Weaknesses