CVE-2026-7397 | NousResearch hermes-agent 0.8.0 tools/file_tools.py _check_sensitive_path symlink (Issue 8734)

Inserito da Angelo Barbosa | Apr 29, 2026 | CVE

A vulnerability described as critical has been identified in NousResearch hermes-agent 0.8.0. This affects the function _check_sensitive_path of the file tools/file_tools.py. The manipulation results in symlink following.

This vulnerability is known as CVE-2026-7397. Attacking locally is a requirement. Furthermore, an exploit is available.

Upgrading the affected component is recommended.

CVE-2026-7397 | NousResearch hermes-agent 0.8.0 tools/file_tools.py _check_sensitive_path symlink (Issue 8734)

Post correlati

CVE-2026-32053 | OpenClaw up to 2026.2.22 authentication replay (GHSA-vqx8-9xxw-f2m7)

CVE-2026-3405 | thinkgem JeeSite up to 5.15.1 Connection path traversal

CVE-2023-42748 | Unisoc S8000 Telecom Service permission

CVE-2024-35469 | SourceCodester Codester Human Resource Management System 1.0 /hrm/user/ password sql injection