CVE-2026-10221 | NousResearch hermes-agent up to 0.12.0 run_agent.py _compress_context injection

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability classified as critical has been found in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function _compress_context of the file run_agent.py. The manipulation leads to injection.

This vulnerability is traded as CVE-2026-10221. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-10221 | NousResearch hermes-agent up to 0.12.0 run_agent.py _compress_context injection

Post correlati

CVE-2024-20383 | Cisco Secure Email/Web Manager cross site scripting (cisco-sa-esa-sma-wsa-xss-bgG5WHOD)

CVE-2025-3630 | IBM Sterling B2B Integrator/Sterling File Gateway up to 6.1.2.6/6.2.0.4 cross site scripting

CVE-2024-40509 | openPetra 2023.02 serverMFinDev.asmx cross site scripting

CVE-2024-8791 | Charitable Donation Forms Plugin up to 1.8.1.14 on WordPress resource injection