NousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command injection_CVE-2026-9367

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detect_dangerous_command of the file tools/approval.py of the component terminal_tool. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2026-9367

Source VulDB

Published May 24, 2026 at 08:30

Affected Product

Vendor NousResearch

Product hermes-agent

Version 5157f5427f19488b31c6fdebbacd15d798ce7f63

Affected Versions NousResearch hermes-agent 5157f5427f19488b31c6fdebbacd15d798ce7f63

CWE Classification

CWE-78 CWE-77

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detect_dangerous_command of the file tools/approval.py of the component terminal_tool. This manipulation causes os command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-05-24T08:30:10.795Z",
    "modified": "2026-05-24T08:30:10.795Z",
    "type": "cve",
    "title": "NousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/365330\nhttps://vuldb.com/vuln/365330/cti\nhttps://vuldb.com/submit/812228\nhttps://gist.github.com/YLChen-007/75fb10319693e86106ced2ef3a472c80",
    "id": "CVE-2026-9367",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78",
        "CWE-77"
    ],
    "cvelist": null,
    "sourceData": "NousResearch hermes-agent 5157f5427f19488b31c6fdebbacd15d798ce7f63",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "hermes-agent",
    "version": "5157f5427f19488b31c6fdebbacd15d798ce7f63",
    "vendor": "NousResearch",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}