CVE-2026-14783
Last modified
CVE-2026-14783 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skill_view of the file tools/skills_tool.py. EPSS estimates a 0.33% chance of exploitation in the next 30 days.
Description
A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skill_view of the file tools/skills_tool.py. Executing a manipulation of the argument Name can lead to path traversal. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 56f833efa427ccb444c0f9ad1759af1012f2124d. It is advisable to implement a patch to correct this issue.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| NousResearch | hermes-agent | 2026.5.29.2 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14783?
How severe is CVE-2026-14783?
How do I fix CVE-2026-14783?
Related CVEs from 2026
- CVE-2026-14775A vulnerability was identified in SourceCodester Onlne Exami…6.3
- CVE-2026-14776A security flaw has been discovered in SourceCodester Onlne …6.3
- CVE-2026-14777A weakness has been identified in SourceCodester Onlne Exami…6.3
- CVE-2026-14778A security vulnerability has been detected in SourceCodester…7.3
- CVE-2026-1478An out-of-band SQL injection vulnerability (OOB SQLi) has be…7.5
- CVE-2026-14781A flaw exists in the org.keycloak.broker.oidc package where …4.8
- CVE-2026-14784A vulnerability was identified in vxcontrol PentAGI up to 2.…6.3
- CVE-2026-14786A security flaw has been discovered in radareorg radare2 up …5.5
- CVE-2026-14787A weakness has been identified in radareorg radare2 up to 6.…7.8
- CVE-2026-14788A security vulnerability has been detected in radareorg rada…7.8
- CVE-2026-14789A vulnerability was detected in radareorg radare2 up to 6.1.…7.8
- CVE-2026-1479An out-of-band SQL injection vulnerability (OOB SQLi) has be…7.5
Are you affected by CVE-2026-14783?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
