PT-2026-57019 · Nousresearch · Hermes-Agent

Eric-D

·

Published

2026-07-09

·

Updated

2026-07-10

·

CVE-2026-15311

CVSS v3.1

3.5

Low

VectorAV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter. markdown to html of the file gateway/platforms/matrix.py of the component Matrix Adapter. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and might be used. The pull request to fix this issue awaits acceptance.

Exploit

Fix

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15311

Affected Products

Hermes-Agent