Eric-I

**Name of the Vulnerable Software and Affected Versions** NousResearch hermes-agent versions prior to 2026.4.24 **Description** A weakness in the Messaging Gateway Handler component allows for remote information disclosure. The issue is located within the ` make run env()` function in the `tools/environments/local.py` file. **Recommendations** Update to a version later than 2026.4.23. As a temporary workaround, restrict access to the ` make run env()` function in the `tools/environments/local.py` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NousResearch hermes-agent versions prior to 2026.4.23 **Description** An injection issue exists in the Skills Guard Multi-Word Prompt Handler component within the file agent/skills guard.py. The flaw allows remote exploitation through the manipulation of the `THREAT PATTERNS` argument. **Recommendations** Update to a version later than 2026.4.23. As a temporary mitigation, restrict the use of the `THREAT PATTERNS` argument in the agent/skills guard.py file.

**Name of the Vulnerable Software and Affected Versions** hermes-agent versions prior to 2026.4.17 **Description** A remote issue exists in the Slack Agent/Mattermost Agent component of NousResearch hermes-agent. Manipulation of the `format message` argument leads to output escaping. **Recommendations** Update to a version later than 2026.4.16. As a temporary workaround, restrict the use of the `format message` argument within the Slack Agent/Mattermost Agent component.

**Name of the Vulnerable Software and Affected Versions** NousResearch hermes-agent version 2026.4.23 **Description** A remote injection issue exists in the ` scan context content()` function within the `agent/prompt builder.py` file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of the ` scan context content()` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NousResearch hermes-agent versions prior to 5157f5427f19488b31c6fdebbacd15d798ce7f63 **Description** An OS command injection issue exists in the `terminal tool` component, specifically within the `detect dangerous command()` function located in the `tools/approval.py` file. This flaw allows a remote attacker to execute arbitrary operating system commands. **Recommendations** Update to a version later than 5157f5427f19488b31c6fdebbacd15d798ce7f63. As a temporary workaround, restrict access to the `detect dangerous command()` function in the `tools/approval.py` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** hermes-agent versions prior to 2026.4.17 **Description** A remote attack can be launched against the Environment Variable Handler component. The issue resides in the `execute code()` function within the `tools/code execution tool.py` file, where manipulation can lead to a sandbox issue, potentially allowing code to escape the restricted execution environment. **Recommendations** Update to a version later than 2026.4.16. As a temporary workaround, restrict access to the `execute code()` function in the `tools/code execution tool.py` file.

**Name of the Vulnerable Software and Affected Versions** hermes-agent version 2026.4.23 **Description** A security flaw exists in the CLI web-dashboard Interface within the ` discover dashboard plugins()` function of the `hermes cli/web server.py` file. A manipulation of the `HERMES ENABLE PROJECT PLUGINS` argument leads to an incorrect comparison. This issue requires local access to be exploited. **Recommendations** As a temporary workaround, restrict access to the ` discover dashboard plugins()` function or avoid manipulating the `HERMES ENABLE PROJECT PLUGINS` argument until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.