CVE-2026-53870

medium

Description

Hermes Agent before 0.16.0 creates response_store.db and webhook_subscriptions.json with world-readable permissions (mode 0o644), exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obtain sensitive data including conversation history, tool payloads, prompts, and per-route HMAC secrets.
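The permission defect the description covers, as an added defender-side example in Python (not code from the Hermes Agent project): create the two store files with mode 0o600 regardless of the process umask, and audit an existing state directory for store files that group or other users can still read. The state directory location and the file contents are assumptions; only the file names and the 0o644 mode come from the advisory.

```python
import os
import stat
import tempfile

# File names come from the advisory; the state directory is an assumption.
STORE_FILES = ("response_store.db", "webhook_subscriptions.json")
GROUP_OR_WORLD = 0o077  # any group/other permission bit means the file is over-shared


def create_private_file(path: str, data: bytes = b"") -> int:
    """Create or truncate `path` as 0o600 regardless of umask; returns the final mode bits.

    os.open() masks the requested mode with the process umask, so the explicit
    fchmod is what guarantees 0o600 and also clamps a pre-existing wider mode.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    try:
        os.fchmod(fd, 0o600)
        os.write(fd, data)
    finally:
        os.close(fd)
    return stat.S_IMODE(os.stat(path).st_mode)


def audit_store_dir(state_dir: str) -> dict[str, str]:
    """Return {filename: problem} for store files readable by group or others."""
    findings = {}
    for name in STORE_FILES:
        path = os.path.join(state_dir, name)
        try:
            mode = stat.S_IMODE(os.stat(path).st_mode)
        except FileNotFoundError:
            continue  # absent files are not a finding
        if mode & GROUP_OR_WORLD:
            findings[name] = f"mode {mode:04o}, expected 0600"
    return findings


def demo() -> tuple[dict[str, str], dict[str, str]]:
    """Constructed scenario: one file left at the advisory's 0o644, then remediated."""
    state_dir = tempfile.mkdtemp()
    leaky = os.path.join(state_dir, "webhook_subscriptions.json")
    with open(leaky, "wb") as f:
        f.write(b"{}")  # constructed placeholder content, not real subscription data
    os.chmod(leaky, 0o644)  # reproduces the world-readable mode the advisory describes
    before = audit_store_dir(state_dir)
    for name in STORE_FILES:
        create_private_file(os.path.join(state_dir, name), b"{}")
    return before, audit_store_dir(state_dir)
```

Running `demo()` returns the audit findings before and after remediation; the first dict flags the 0644 file and the second is empty.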

References

https://www.vulncheck.com/advisories/hermes-agent-sensitive-file-permission-vulnerability-in-store-files

https://github.com/NousResearch/hermes-agent/releases/tag/v2026.6.5

https://github.com/NousResearch/hermes-agent/pull/31469

https://github.com/NousResearch/hermes-agent/pull/30917

https://github.com/NousResearch/hermes-agent/commit/3bace071bfadf2d2bec2ee048471a31ec920e3e8

Details

Source: Mitre, NVD

Published: 2026-06-17

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

CVSS v4

Base Score: 6.8

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Severity: Medium

EPSS

EPSS: 0.00108