By weakness (CWE)
CWE-707: related vulnerabilities
CVEs classified under CWE-707. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
6 published vulnerabilities
- CVE-2026-10220HIGH 7.3
NousResearch's hermes-agent application contains a vulnerability in how it handles plugin skill requests. An attacker can send specially crafted input to the skill_view function that gets injected into backend operations, potentially compromising the confidentiality, integrity, and availability of the affected system. The vulnerability is network-accessible, requires no authentication, and can be triggered without user interaction. Because exploit details have been publicly disclosed, the attack surface is visible to potential adversaries.
- CVE-2026-10221HIGH 7.3
A code injection vulnerability exists in NousResearch's hermes-agent software, affecting versions up to 0.12.0. The flaw resides in the context compression function and allows remote attackers to inject malicious code without requiring authentication or user interaction. Public exploit code is available, increasing the practical risk of exploitation.
- CVE-2026-10210MEDIUM 6.3
AstrBot version 4.23.6 contains a vulnerability in its skill management system that allows authenticated users to inject malicious code through the prompt description field. An attacker with login credentials can manipulate how skill prompts are processed, potentially leading to unauthorized data access, system modification, or service disruption. The vulnerability has been publicly disclosed, and exploit code is available, though the vendor has not engaged with disclosure efforts.
- CVE-2026-10223MEDIUM 6.3
NousResearch's hermes-agent software contains an injection vulnerability in its memory scanning tool that allows authenticated users to inject malicious input. An attacker with valid credentials can exploit this flaw remotely to manipulate the application's memory handling logic. The vulnerability affects all versions up to 2026.4.30, and exploit code has already been publicly disclosed, raising the practical risk despite a moderate CVSS score.
- CVE-2026-10222MEDIUM 5.6
A vulnerability exists in NousResearch's hermes-agent software that allows attackers to inject malicious code through improper sanitization of environment variables. The flaw resides in the configuration parsing logic and can be exploited remotely, though successful exploitation requires substantial technical knowledge and effort. While a public exploit exists, the attack surface is limited by high complexity requirements. This is a medium-severity issue affecting versions up to 2026.4.30.
- CVE-2026-10661MEDIUM 4.3
A vulnerability in the blender-mcp project allows an authenticated attacker to inject malicious input through the input_image_url parameter in the Open function of src/blender_mcp/server.py. Because authentication is required and the vulnerability only exposes limited information (not enabling code execution or system availability impact), the overall risk is moderate. However, the public disclosure means exploitation techniques are now accessible to threat actors.