Symlink Following Vulnerability in NousResearch Hermes-Agent 0.8.0
CVE-2026-7397

4.8MEDIUM

Key Information:

Vendor

Nousresearch

Status
Hermes-agent
Vendor
CVE Published:
29 April 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-7397?

A security flaw exists in NousResearch hermes-agent version 0.8.0, specifically in the _check_sensitive_path function located in tools/file_tools.py. This vulnerability enables attackers to manipulate symlink-following behavior, which poses a risk to local system integrity. It is critical to address this issue as an exploit is publicly available. The recommended solution is to upgrade to version 0.9.0, where the flaw has been fixed with the patch identified by the commit hash 311dac197145e19e07df68feba2cd55d896a3cd1. Staying updated with the latest version ensures enhanced security against potential attacks.

Affected Version(s)

hermes-agent 0.8.0

hermes-agent 0.9.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-7397 - Proof of Concept

References

https://vuldb.com/vuln/360121
vdb-entrytechnical-description
https://vuldb.com/vuln/360121/cti
signaturepermissions-required
https://vuldb.com/submit/803270
third-party-advisory

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Yu_Bao (VulDB User)
.