CVE-2026-53870

Summary

Hermes Agent before 0.16.0 creates response_store.db and webhook_subscriptions.json with world-readable permissions (mode 0o644), exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obtain sensitive data including conversation history, tool payloads, prompts, and per-route HMAC secrets.

Affected Software

VendorProductVersion RangeStatus
NousResearchhermes-agent0 < 0.16.0affected
NousResearchhermes-agent0.16.0unaffected

Weaknesses

  • CWE-276: Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References