CVE-2026-10222
MEDIUMNousResearch hermes-agent config.py _sanitize_env_lines injection
Title source: cnaDescription
A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function _sanitize_env_lines of the file hermes_cli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
References (5)
Core 5
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-367501 | NousResearch hermes-agent config.py _sanitize_env_lines injection
https://vuldb.com/vuln/367501
Signature, Permissions Required signature
permissions-required
VDB-367501 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/367501/cti
Third Party Advisory third-party-advisory
CVE-2026-10222 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-10222
Third Party Advisory third-party-advisory
Submit #822020 | NousResearch hermes-agent <= v2026.4.30 Injection (CWE-74)
https://vuldb.com/submit/822020
Scores
CVSS v3
5.6
EPSS
0.0027
EPSS Percentile
17.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-707
CWE-74
Status
published
Products (31)
NousResearch/hermes-agent
2026.4.0
NousResearch/hermes-agent
2026.4.1
NousResearch/hermes-agent
2026.4.10
NousResearch/hermes-agent
2026.4.11
NousResearch/hermes-agent
2026.4.12
NousResearch/hermes-agent
2026.4.13
NousResearch/hermes-agent
2026.4.14
NousResearch/hermes-agent
2026.4.15
NousResearch/hermes-agent
2026.4.16
NousResearch/hermes-agent
2026.4.17
... and 21 more
Published
Jun 01, 2026
Tracked Since
Jun 01, 2026