{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6829", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-21T20:58:02.047Z", "datePublished": "2026-04-21T21:09:59.923Z", "dateUpdated": "2026-04-21T21:09:59.923Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-21T21:09:59.923Z"}, "title": "nesquena hermes-webui Arbitrary Workspace Directory Access", "datePublic": "2026-04-21T21:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "affected": [{"vendor": "nesquena", "product": "hermes-webui", "versions": [{"status": "affected", "version": "0", "lessThan": "PR #416", "versionType": "git"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update, /api/chat/start, and /api/workspaces/add. Attackers can repoint a session workspace to a directory outside the intended trusted root and then use ordinary file read and write APIs to access or modify files outside the intended workspace boundary within the permissions of the hermes-webui process.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update, /api/chat/start, and /api/workspaces/add. Attackers can repoint a session workspace to a directory outside the intended trusted root and then use ordinary file read and write APIs to access or modify files outside the intended workspace boundary within the permissions of the hermes-webui process.</p>"}]}], "references": [{"url": "https://github.com/nesquena/hermes-webui/pull/416", "name": "Pull Request", "tags": ["related"]}, {"url": "https://github.com/nesquena/hermes-webui/commit/2a7a5ddfaf39e3b0094b7ac37e9f1dbcf40a3918", "name": "Patch Commit", "tags": ["patch"]}, {"url": "https://github.com/nesquena/hermes-webui/releases/tag/v0.50.34", "name": "Release Notes", "tags": ["release-notes"]}, {"url": "https://www.vulncheck.com/advisories/nesquena-hermes-webui-arbitrary-workspace-directory-access", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseSeverity": "MEDIUM", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}], "credits": [{"lang": "en", "value": "Chia Min Jun Lennon", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulating workspace path parameters in endpoints such as /api/session/new, /api/session/update, /api/chat/start, and /api/workspaces/add. Attackers can repoint a session workspace to a directory outside the intended trusted root and then use ordinary file read and write APIs to access or modify files outside the intended workspace boundary within the permissions of the hermes-webui process."}], "id": "CVE-2026-6829", "lastModified": "2026-04-21T22:16:20.690", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-21T22:16:20.690", "references": [{"source": "disclosure@vulncheck.com", "url": "https://github.com/nesquena/hermes-webui/commit/2a7a5ddfaf39e3b0094b7ac37e9f1dbcf40a3918"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/nesquena/hermes-webui/pull/416"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/nesquena/hermes-webui/releases/tag/v0.50.34"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/nesquena-hermes-webui-arbitrary-workspace-directory-access"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T04:35:38.345357+00:00", "value": {"mitigation_remediation": ["Upgrade hermes-webui to version v0.50.34 or later, where the workspace path validation flaw has been fixed. ", "Configure role\u2011based access so that only trusted administrators can create or modify session workspaces. ", "Implement application\u2011level validation of workspace paths to ensure they resolve within the designated trusted root; reject any requests that would resolve outside this directory. ", "Run hermes-webui with the least\u2011privilege file system permissions possible to limit the impact of any potential exploitation."], "summary": {"action": "Patch Immediately", "impact": "Unauthorized file read/write via trusted\u2011boundary bypass"}, "threat_synthesis": {"affected_systems": "The affected product is nesquena\u2019s hermes-webui application. No specific version numbers are listed in the advisory; the issue was addressed in later releases, such as tag v0.50.34. All deployments of the web interface that remain on earlier versions are potentially vulnerable.", "description_and_impact": "The vulnerability is a trust\u2011boundary failure that permits a logged\u2011in user to set a session workspace to any existing directory on the host by altering path parameters in API endpoints such as /api/session/new, /api/session/update, /api/chat/start, and /api/workspaces/add. This flaw allows the attacker to read from or write to files outside the intended workspace boundary using the hermes-webui process\u2019s filesystem privileges.", "risk_and_exploitability": "The CVSS score is 5.3, indicating moderate severity. EPSS data is not available, and the issue is not currently listed in the CISA KEV catalog. The flaw requires the attacker to be authenticated and to target API requests that accept a workspace path parameter. Successful exploitation grants the attacker arbitrary file system access within the hermes\u2011webui process\u2019s privileges, which may lead to data disclosure, tampering, or execution of malicious code if the process has write access to executable files."}}}}, "created": "2026-04-22T04:45:09.348428+00:00", "updated": "2026-04-22T04:45:09.348439+00:00", "vendors": []}