CVE-2026-9368 | NousResearch hermes-agent up to 2026.4.16 Environment Variable code_execution_tool.py execute_code sandbox

Inserito da Angelo Barbosa | Mag 23, 2026 | CVE

A vulnerability classified as critical was found in NousResearch hermes-agent up to 2026.4.16. This impacts the function execute_code of the file tools/code_execution_tool.py of the component Environment Variable Handler. Such manipulation leads to sandbox issue.

This vulnerability is referenced as CVE-2026-9368. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-9368 | NousResearch hermes-agent up to 2026.4.16 Environment Variable code_execution_tool.py execute_code sandbox

Post correlati

CVE-2026-2669 | Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206 User /dm/dispatch/user/delete ID access control

CVE-2025-49846 | wireapp wire-ios up to 3.124.0 canOpenUrl neutralization for logs

CVE-2024-27381 | Samsung Exynos 1330 slsi_send_action_frame_ut heap-based overflow

CVE-2024-4069 | Kashipara Online Furniture Shopping Ecommerce Website 1.0 search.php txtSearch sql injection