Home

Description

nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update, /api/chat/start, and /api/workspaces/add. Attackers can repoint a session workspace to a directory outside the intended trusted root and then use ordinary file read and write APIs to access or modify files outside the intended workspace boundary within the permissions of the hermes-webui process.

PUBLISHED Reserved 2026-04-21 | Published 2026-04-21 | Updated 2026-04-22 | Assigner VulnCheck




MEDIUM: 5.3CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

MEDIUM: 6.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status
unaffected

Any version before PR #416
affected

Credits

Chia Min Jun Lennon finder

References

github.com/nesquena/hermes-webui/pull/416 (Pull Request) related

github.com/...ommit/2a7a5ddfaf39e3b0094b7ac37e9f1dbcf40a3918 (Patch Commit) patch

github.com/nesquena/hermes-webui/releases/tag/v0.50.34 (Release Notes) release-notes

www.vulncheck.com/...ui-arbitrary-workspace-directory-access third-party-advisory

cve.org (CVE-2026-6829)

nvd.nist.gov (CVE-2026-6829)

Download JSON