CVE-2026-9352 | NousResearch hermes-agent up to 2026.4.23 Messaging Gateway local.py _make_run_env information disclosure

A vulnerability described as problematic has been identified in NousResearch hermes-agent up to 2026.4.23. This issue affects the function _make_run_env of the file tools/environments/local.py of the component Messaging Gateway Handler. Executing a manipulation can lead to information disclosure.

The identification of this vulnerability is CVE-2026-9352. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-9352 | NousResearch hermes-agent up to 2026.4.23 Messaging Gateway local.py _make_run_env information disclosure

Post correlati

CVE-2024-30799 | PX4 Autopilot up to 1.14 Breach Return Point Privilege Escalation (Issue 22428)

CVE-2024-13657 | store-locator-pro Store Locator Widget Plugin up to 20200131 on WordPress Shortcode storelocatorwidget cross site scripting

CVE-2025-58777 | Keyence VT Studio up to 8.53 uninitialized pointer

CVE-2024-48123 | HI-SCAN 6040i Hitrax HX-03-19-I USB Autorun unrestricted upload