CVE Catalog

CVE-2026-53871

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

28th percentile — higher than 28% of all known CVEs

Summary

Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cookie() function that accepts unauthenticated profile names from the hermes_profile cookie. An authenticated attacker can forge the hermes_profile cookie value to bypass profile-scoped authorization checks and access sessions, files, and resources across different profiles.

Risk Assessment

This vulnerability may lead to unauthorized access to sensitive data and resources, posing a significant security threat to the organization.

Recommendation

It is recommended to update Hermes WebUI to version 0.51.368 or later to mitigate this vulnerability and implement additional security measures to protect against potential attacks.

Original NVD description (English source)

Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cookie() function that accepts unauthenticated profile names from the hermes_profile cookie. An authenticated attacker can forge the hermes_profile cookie value to bypass profile-scoped authorization checks and access sessions, files, and resources across different profiles.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS