No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Fri, 03 Jul 2026 22:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer._filter_and_accumulate of the file gateway/stream_consumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case sensitivity. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used. The project decided to not implement a dedicated fix: "[T]he analysis and the fix are both sound. It just lands below the bar for the maintenance cost of a duplicated scrub path." | |
| Title | NousResearch hermes-agent Streaming Reasoning Tag Filter stream_consumer.py GatewayStreamConsumer._filter_and_accumulate case sensitivity | |
| First Time appeared |
Nousresearch
Nousresearch hermes-agent |
|
| Weaknesses | CWE-178 CWE-697 |
|
| CPEs | cpe:2.3:a:nousresearch:hermes-agent:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Nousresearch
Nousresearch hermes-agent |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-03T21:45:10.246Z
Reserved: 2026-07-03T16:31:16.337Z
Link: CVE-2026-14617
No data.
No data.
No data.
OpenCVE Enrichment
No data.