CVE-2026-53871
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk28th percentile — higher than 28% of all known CVEs
Summary
Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cookie() function that accepts unauthenticated profile names from the hermes_profile cookie. An authenticated attacker can forge the hermes_profile cookie value to bypass profile-scoped authorization checks and access sessions, files, and resources across different profiles.
Risk Assessment
This vulnerability may lead to unauthorized access to sensitive data and resources, posing a significant security threat to the organization.
Recommendation
It is recommended to update Hermes WebUI to version 0.51.368 or later to mitigate this vulnerability and implement additional security measures to protect against potential attacks.
Original NVD description (English source)
Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cookie() function that accepts unauthenticated profile names from the hermes_profile cookie. An authenticated attacker can forge the hermes_profile cookie value to bypass profile-scoped authorization checks and access sessions, files, and resources across different profiles.

