CVE-2026-7112 | NousResearch hermes-agent 0.8.0 API_SERVER_KEY api_server.py _check_auth improper authentication (Issue 6439)

A vulnerability identified as critical has been detected in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function _check_auth of the file gateway/platforms/api_server.py of the component API_SERVER_KEY Handler. The manipulation leads to improper authentication.

This vulnerability is documented as CVE-2026-7112. The attack can be initiated remotely. Additionally, an exploit exists.

The project was informed of the problem early through a pull request but has not reacted yet.

CVE-2026-7112 | NousResearch hermes-agent 0.8.0 API_SERVER_KEY api_server.py _check_auth improper authentication (Issue 6439)

Post correlati

CVE-2025-49524 | Adobe Illustrator up to 28.7.6/29.5.1 null pointer dereference (apsb25-65)

CVE-2026-27360 | 10Web Photo Gallery Plugin up to 1.8.37 on WordPress cross site scripting

CVE-2024-9271 | Re WP Plugin up to 1.0.1 on WordPress SVG File Upload cross site scripting

CVE-2025-33249 | NVIDIA NeMo Framework command injection