CVE-2026-10222

MEDIUM 5.6

NousResearch hermes-agent config.py _sanitize_env_lines injection

CVSS Score

5.6

EPSS Score

0.0%

EPSS Percentile

15th

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function _sanitize_env_lines of the file hermes_cli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

CWE	CWE-74 CWE-707
Vendor	nousresearch
Product	hermes-agent
Published	Jun 1, 2026
Last Updated	Jun 1, 2026

Stay Ahead of the Next One

Get instant alerts for nousresearch hermes-agent

Be the first to know when new medium vulnerabilities affecting nousresearch hermes-agent are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

NousResearch / hermes-agent

2026.4.0 2026.4.1 2026.4.2 2026.4.3 2026.4.4 2026.4.5 2026.4.6 2026.4.7 2026.4.8 2026.4.9 2026.4.10 2026.4.11 2026.4.12 2026.4.13 2026.4.14 2026.4.15 2026.4.16 2026.4.17 2026.4.18 2026.4.19 2026.4.20 2026.4.21 2026.4.22 2026.4.23 2026.4.24 2026.4.25 2026.4.26 2026.4.27 2026.4.28 2026.4.29 2026.4.30

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/367501 vuldb.com: https://vuldb.com/vuln/367501/cti vuldb.com: https://vuldb.com/cve/CVE-2026-10222 vuldb.com: https://vuldb.com/submit/822020 gist.github.com: https://gist.github.com/YLChen-007/7ee2eeaa383b3540d2e8854250c03fb0

Credits

🔍 Eric-j (VulDB User) VulDB CNA Team