CVE-2026-10548 in hermes-agentinformação

Sumário

de MITRE • 02/06/2026

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function _sync_anthropic_entry_from_credentials_file of the file agent/credential_pool.py of the component Credential Pool Synchronization. The manipulation results in improper authentication. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulDB

Divulgação

02/06/2026

Moderação

aceite

Entrada

VDB-367645

CPE

pronto

CWE

CWE-287 (confirmado)

Exploração

Descarregar

CVSS

5.3 (VulDB)

EPSS

0.00021

KEV

não

Atividades

baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-10548
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-10548
CVE Details	https://www.cvedetails.com/cve/CVE-2026-10548/

◂ Voltar Visão Geral Próximo ▸

Do you need the next level of professionalism?

Upgrade your account now!