CVE-2026-49956— Hermes WebUI < 0.51.269 Profile Isolation Bypass via sessions search

CVSS 6.5 · Medium EPSS 0.27% · P19 Updated Jun 27, 2026

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

Vendor	Product	Version Range	Status
nesquena	hermes-webui	`< 0.51.269`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-49956

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Hermes WebUI < 0.51.269 Profile Isolation Bypass via sessions search

Source: NVD (National Vulnerability Database)

Vulnerability Description

Hermes WebUI before version 0.51.269 contains a profile isolation bypass vulnerability that allows authenticated users to access data belonging to other profiles by querying the session search endpoint without active-profile filtering. Attackers can send requests to the sessions search handler to retrieve session titles and transcript message content from profiles other than their own active profile.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

授权机制缺失

Source: NVD (National Vulnerability Database)

Vulnerability Title

Hermes Web UI 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Hermes Web UI是Nathan Esquenazi个人开发者的一个轻量级、暗色主题的自主智能体Web界面。 Hermes Web UI 0.51.269之前版本存在安全漏洞，该漏洞源于配置文件隔离绕过问题，可能导致认证用户通过查询会话搜索端点访问其他配置文件的数据。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
nesquena	hermes-webui	0 ~ 0.51.269	-

II. Public POCs for CVE-2026-49956

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-49956

请登录查看更多情报信息。

Same Patch Batch · nesquena · 2026-06-09 · 5 CVEs total

CVE-2026-49959	8.8 HIGH	Hermes WebUI < 0.51.311 RCE via Git Configuration Injection
CVE-2026-49957	7.7 HIGH	Hermes WebUI < 0.51.296 Workspace Boundary Bypass via api/workspace.py
CVE-2026-49955	5.3 MEDIUM	Hermes WebUI < 0.51.270 Resource Exhaustion via passkey/options
CVE-2026-49958	5.0 MEDIUM	Hermes WebUI < 0.51.303 TOCTOU Race Condition via git_discard

IV. Related Vulnerabilities

Same product: hermes-webui

Same vendor: nesquena

Same weakness: CWE-862

V. Comments for CVE-2026-49956

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-49956— Hermes WebUI < 0.51.269 Profile Isolation Bypass via sessions search

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

I. Basic Information for CVE-2026-49956

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-49956

III. Intelligence Information for CVE-2026-49956

Patches & Fixes for CVE-2026-49956 (1)

Vendor Advisories for CVE-2026-49956 (1)

Vendor Pages for CVE-2026-49956 (1)

Same Patch Batch · nesquena · 2026-06-09 · 5 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-49956

Leave a comment