CVE-2026-10224 | NousResearch hermes-agent up to 2026.4.30 Webhook Endpoint feishu.py _handle_webhook_request resource consumption

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability, which was classified as problematic, was found in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function _handle_webhook_request of the file gateway/platforms/feishu.py of the component Webhook Endpoint. Such manipulation leads to resource consumption.

This vulnerability is uniquely identified as CVE-2026-10224. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-10224 | NousResearch hermes-agent up to 2026.4.30 Webhook Endpoint feishu.py _handle_webhook_request resource consumption

Post correlati

CVE-2025-7498 | Exclusive Addons for Elementor Plugin 2.7.9.4 on WordPress Countdown Widget cross site scripting

CVE-2024-10287 | LocalServer 1.0.9 /mlss/ForgotPassword ListName cross site scripting

CVE-2025-6791 | Centreon Web up to 23.10.25/24.04.15/24.10.8 HTTP Request sql injection

CVE-2024-35397 | Totolink CP900L 4.1.5cu.798_B20221228 Request NTPSyncWithHost hostTime command injection