Hermes WebUI < 0.51.270 Resource Exhaustion via passkey/options_CVE-2026-49955

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Description

Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options endpoint without completing assertion. Attackers can send unlimited POST requests to the authentication endpoint, causing unbounded growth of the challenge store file and excessive CPU and disk I/O through repeated JSON file rewrites.

Basic Information

ID CVE-2026-49955

Source VulnCheck

Published Jun 9, 2026 at 16:05

Affected Product

Vendor nesquena

Product hermes-webui

Affected Versions nesquena hermes-webui 0

CWE Classification

CWE-770

References

{
    "lastseen": "",
    "description": "Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options endpoint without completing assertion. Attackers can send unlimited POST requests to the authentication endpoint, causing unbounded growth of the challenge store file and excessive CPU and disk I/O through repeated JSON file rewrites.",
    "published": "2026-06-09T16:05:33.140Z",
    "modified": "2026-06-09T16:05:33.140Z",
    "type": "cve",
    "title": "Hermes WebUI < 0.51.270 Resource Exhaustion via passkey/options",
    "source": "VulnCheck",
    "references": "https://github.com/nesquena/hermes-webui/releases/tag/v0.51.270\nhttps://github.com/nesquena/hermes-webui/pull/3624\nhttps://github.com/nesquena/hermes-webui/pull/3674\nhttps://github.com/nesquena/hermes-webui/commit/58528a4d88b0fa4f7b822e31d6051c669769bd3b\nhttps://www.vulncheck.com/advisories/hermes-webui-resource-exhaustion-via-passkey-options",
    "id": "CVE-2026-49955",
    "bulletinFamily": "",
    "cwe": [
        "CWE-770"
    ],
    "cvelist": null,
    "sourceData": "nesquena hermes-webui 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "hermes-webui",
    "version": "0",
    "vendor": "nesquena",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}