Submit #844654: Nous Research hermes-agent v2026.4.30 Improper Handling of Case Sensitivity Leading to Information Disclosure (CWE-178)

Title: Nous Research hermes-agent v2026.4.30 Improper Handling of Case Sensitivity Leading to Information Disclosure (CWE-178)
Description:

# Technical Details

A hidden reasoning content leak exists in the `GatewayStreamConsumer._filter_and_accumulate()` method in `gateway/stream_consumer.py` and the `HermesCLI._stream_delta()` method in `cli.py` of hermes-agent. The application neither normalizes nor compares reasoning tags case-insensitively during live streaming. The hardcoded tag lists cover only some exact-case variants, so uppercase or mixed-case tags such as `<THINK>`, `<Think>`, `<THOUGHT>`, and `<REASONING>` bypass the real-time filter and are rendered to the end user before later post-processing strips them.

# Vulnerable Code

File: `gateway/stream_consumer.py`

Method: `GatewayStreamConsumer._filter_and_accumulate()`

Why: `_OPEN_THINK_TAGS` and `_CLOSE_THINK_TAGS` contain an incomplete set of case variants, and the method uses exact `buf.find(tag)` matching. The duplicated logic in `cli.py` uses the same flawed approach, so any case variant that is not in the lists passes through.

# Reproduction

1. Download and run the PoC script `poc_exploit.py` from the linked advisory environment.
2. Feed simulated streamed model output containing uppercase or mixed-case reasoning tags such as `<THINK>Secret reasoning</THINK>` through `_filter_and_accumulate()`.
3. Observe that the hidden reasoning content is accumulated and displayed instead of being suppressed.
4. Run the control script with listed lowercase tags and confirm that those are filtered correctly.

# Impact

- Hidden chain-of-thought, system prompts, and internal reasoning can be exposed to end users during streaming.
- Tool arguments, file paths, API endpoints, and other sensitive runtime context may be disclosed on connected platforms.
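The following is an added, self-contained illustration of the flaw described above and of the fix; it is not code from the hermes-agent project or from the submitter's PoC. The tag lists (`OPEN_TAGS`/`CLOSE_TAGS`), the `find_exact`/`find_ci` helpers, the `render_stream` engine and the sample chunks are all constructed for this example: the advisory names `_OPEN_THINK_TAGS`, `_CLOSE_THINK_TAGS` and `buf.find(tag)` but does not reproduce their contents, so the vulnerable path below is a stand-in that uses the same exact-case `find` pattern, and the hardened path swaps in a case-insensitive compiled alternation. It also goes slightly beyond the advisory by holding back a tag prefix that is split across two stream chunks, which is an edge case any streaming filter has to handle.

```python
import re
from typing import Callable, Iterable, Optional, Sequence, Tuple

# Constructed stand-ins for the tag lists the advisory names
# (_OPEN_THINK_TAGS / _CLOSE_THINK_TAGS). The real lists and method bodies are
# not reproduced on the page; these are assumptions, not project code.
OPEN_TAGS: Sequence[str] = ("<think>", "<thought>", "<reasoning>")
CLOSE_TAGS: Sequence[str] = ("</think>", "</thought>", "</reasoning>")

Span = Optional[Tuple[int, int]]  # (start, end) of the earliest tag hit, or None


def find_exact(buf: str, tags: Sequence[str]) -> Span:
    """Exact-case search: the buf.find(tag) pattern the advisory describes."""
    best: Span = None
    for tag in tags:
        i = buf.find(tag)
        if i != -1 and (best is None or i < best[0]):
            best = (i, i + len(tag))
    return best


def find_ci(buf: str, tags: Sequence[str]) -> Span:
    """Case-insensitive search: one alternation compiled with re.IGNORECASE."""
    pattern = re.compile("|".join(re.escape(t) for t in tags), re.IGNORECASE)
    m = pattern.search(buf)
    return (m.start(), m.end()) if m else None


def held_back(buf: str, tags: Sequence[str], ignore_case: bool) -> int:
    """Length of the longest buffer suffix that could still grow into a tag,
    so a tag split across two chunks is never half-rendered."""
    longest = max(len(t) for t in tags)
    for n in range(min(len(buf), longest - 1), 0, -1):
        suffix = buf[-n:].lower() if ignore_case else buf[-n:]
        if any(t.startswith(suffix) for t in tags):
            return n
    return 0


def render_stream(chunks: Iterable[str],
                  finder: Callable[[str, Sequence[str]], Span],
                  ignore_case: bool) -> str:
    """Return the text a client would see as the chunks stream through the filter."""
    out, buf, hidden = [], "", False
    for chunk in chunks:
        buf += chunk
        while True:
            hit = finder(buf, CLOSE_TAGS if hidden else OPEN_TAGS)
            if hit is None:
                break
            if not hidden:
                out.append(buf[:hit[0]])  # text before an open tag is visible
            hidden = not hidden           # text before a close tag is dropped
            buf = buf[hit[1]:]
        if hidden:
            continue                      # inside reasoning: retain, render nothing
        keep = held_back(buf, OPEN_TAGS, ignore_case)
        out.append(buf[:len(buf) - keep])
        buf = buf[len(buf) - keep:]
    if not hidden:
        out.append(buf)                   # end of stream: a dangling "<th" is plain text
    return "".join(out)


def render_exact_case(chunks: Iterable[str]) -> str:
    """Vulnerable behaviour: only the listed exact-case tags are filtered."""
    return render_stream(chunks, find_exact, ignore_case=False)


def render_case_insensitive(chunks: Iterable[str]) -> str:
    """Hardened behaviour: any case variant of a listed tag is filtered."""
    return render_stream(chunks, find_ci, ignore_case=True)


# Constructed sample stream; chunk boundaries deliberately split both a
# lowercase open tag and an uppercase close tag.
SAMPLE_CHUNKS = [
    "Sure, let me check. ",
    "<thi",
    "nk>plan: call read_file(/tmp/notes.txt)</think>",
    "The file looks fine. ",
    "<THINK>Secret reasoning</TH",
    "INK>",
    "Done.",
]

if __name__ == "__main__":
    print("exact-case :", repr(render_exact_case(SAMPLE_CHUNKS)))
    print("ci-filtered:", repr(render_case_insensitive(SAMPLE_CHUNKS)))
```

Run stand-alone, the exact-case path renders the `<THINK>…</THINK>` block verbatim while correctly suppressing the lowercase `<think>` block, which is the asymmetry the advisory reports; the case-insensitive path suppresses both. Note that matching against a fixed list, even case-insensitively, still only covers the tag names the list knows about; the fix is to treat the tag name as case-insensitive, not to enumerate more spellings.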
Source: https://gist.github.com/YLChen-007/2229e5505bcbb3e15a7ae8fba4c4be37, https://github.com/NousResearch/hermes-agent/issues/27288
User: Eric-a (UID 96353)
Submission: 01.06.2026 10:13 (1 month ago)
Moderation: 03.07.2026 18:31 (1 month later)
Status: Accepted
VulDB Entry: 376134 [NousResearch hermes-agent up to 2026.4.30 Streaming Reasoning Tag Filter stream_consumer.py GatewayStreamConsumer._filter_and_accumulate Information Disclosure]
Points: 20
