PT-2026-40774 · Unknown · Hermes-Webui

Published: 2026-05-13 · Updated: 2026-05-14 · CVE-2026-22677

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Hermes WebUI versions prior to 0.51.44 Release T

Description

A path traversal issue exists in the session import endpoint. Authenticated attackers can read arbitrary files by importing a crafted session containing an unrestricted workspace value. By supplying a blocked filesystem root in the workspace field and using relative paths in the session file API, an attacker can access any file readable by the WebUI process.

Recommendations

Update to version 0.51.44 Release T or later.
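The class of check the description implies, as an added example that is not Hermes WebUI's code or its actual fix: validate the workspace when a session is imported, and confine every file API path to that workspace. All names here (`validate_workspace`, `import_session`, `resolve_session_file`, `BLOCKED_ROOTS`, the `/srv/hermes/workspaces` base) are hypothetical, and POSIX paths are assumed.

```python
import os

# Assumption: roots that may never serve as a session workspace. The
# advisory does not list the product's real blocklist.
BLOCKED_ROOTS = {os.path.realpath(p) for p in ("/", "/etc", "/root", "/proc", "/sys")}


class WorkspaceError(ValueError):
    """Raised when a workspace or a path inside it fails validation."""


def validate_workspace(workspace, allowed_base):
    """Return the canonical workspace; raise if blocked or outside allowed_base."""
    if not isinstance(workspace, str) or not workspace.strip():
        raise WorkspaceError("workspace must be a non-empty string")
    real = os.path.realpath(workspace)        # collapses '..' and symlinks
    base = os.path.realpath(allowed_base)
    if real in BLOCKED_ROOTS:
        raise WorkspaceError(f"blocked workspace root: {real}")
    if os.path.commonpath([real, base]) != base:
        raise WorkspaceError(f"workspace outside allowed base: {real}")
    return real


def import_session(session, allowed_base):
    """Hypothetical import handler: check the workspace before storing the session."""
    checked = dict(session)
    checked["workspace"] = validate_workspace(session.get("workspace"), allowed_base)
    return checked


def resolve_session_file(session, rel_path):
    """Resolve a file API path and confirm it stays inside the session workspace."""
    root = os.path.realpath(session["workspace"])
    target = os.path.realpath(os.path.join(root, rel_path))
    if os.path.commonpath([target, root]) != root:
        raise WorkspaceError(f"path escapes workspace: {rel_path}")
    return target


if __name__ == "__main__":
    # Constructed sample: an imported session whose workspace is a filesystem root.
    try:
        import_session({"workspace": "/", "messages": []}, "/srv/hermes/workspaces")
    except WorkspaceError as exc:
        print("rejected:", exc)
```

Running both checks matters: the import-time check stops a bad workspace from being stored, and the per-request check still holds for sessions that were stored before the import path was validated.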

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-22677

Affected Products

Hermes-Webui