MEDIUM 6.5

CVE-2026-49956: Hermes WebUI Profile Isolation Bypass – Unauthenticated Session Data Disclosure

Hermes WebUI versions before 0.51.269 have a profile isolation flaw that lets logged-in users view other users' conversations and session data. An attacker with valid credentials can query the sessions search endpoint in a way that bypasses profile restrictions, exposing session titles and message transcripts they shouldn't be able to access. The vulnerability requires authentication but doesn't need user interaction to exploit.

Source data · NVD / CISA · public domain

CVSS
3.1 · 6.5 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weaknesses (CWE)
CWE-862
Affected products
0 configuration(s)
Published / Modified
2026-06-09 / 2026-07-14

NVD description (verbatim)

Hermes WebUI before version 0.51.269 contains a profile isolation bypass vulnerability that allows authenticated users to access data belonging to other profiles by querying the session search endpoint without active-profile filtering. Attackers can send requests to the sessions search handler to retrieve session titles and transcript message content from profiles other than their own active profile.

6 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

CVE-2026-49956 is an authorization bypass affecting Hermes WebUI's session search handler. The vulnerability stems from insufficient access control on the sessions search endpoint (CWE-862: Missing Authorization). Authenticated users can craft requests that lack active-profile filtering, allowing the endpoint to return session data across multiple profiles instead of restricting results to the attacker's own profile. The flaw permits disclosure of session metadata and message content from arbitrary profiles within the same Hermes instance.

Business impact

Multi-tenant or shared Hermes WebUI deployments face significant data exposure risk. User conversations, transcripts, and session information can be harvested by any authenticated account, potentially revealing sensitive business discussions, personal information, or confidential strategies discussed within the platform. This violates data confidentiality expectations and may trigger compliance violations depending on the nature of data stored in Hermes instances and applicable regulations.

Affected systems

Hermes WebUI versions before 0.51.269 are affected. Organizations running Hermes should check their deployed version immediately. The vulnerability affects all instances unless patched or upgraded to 0.51.269 or later.

Exploitability

This vulnerability has a CVSS 3.1 score of 6.5 (Medium) with a network attack vector, low complexity, and no user interaction required. Exploitation requires valid authentication credentials but is otherwise straightforward—an attacker need only send a malformed or unfiltered session search request. The barrier to weaponization is low for any insider or account holder with legitimate access to a Hermes instance.

Remediation

Upgrade Hermes WebUI to version 0.51.269 or later. The patch restores proper profile isolation by enforcing active-profile filtering on the session search endpoint. Organizations should prioritize patching based on the sensitivity of data stored in their Hermes instances and the number of user accounts with access.

Patch guidance

Apply Hermes WebUI version 0.51.269 or any subsequent release. Verify compatibility with your deployment before rolling out in production. Monitor upgrade changelogs for any behavioral changes to session search functionality. Test in a staging environment to confirm that profile isolation is properly enforced post-patch.

Detection guidance

Monitor for anomalous session search requests, particularly those lacking profile context or containing requests for sessions not assigned to the authenticated user. Review access logs for the sessions search handler to identify accounts querying data outside their assigned profiles. Implement alerting on cross-profile session queries if your logging and SIEM infrastructure can distinguish profile boundaries in Hermes request logs.

Why prioritize this

While the CVSS score is Medium, the risk should be elevated in environments where Hermes stores sensitive data, personal information, or business-critical conversations. The low complexity of exploitation and the requirement for only basic authentication make this a practical attack for insiders or compromised accounts. Organizations with stringent data governance or compliance requirements should treat this as higher priority.

Risk score, explained

The CVSS 3.1 score of 6.5 reflects a network-accessible endpoint (AV:N), straightforward exploitation technique (AC:L), mandatory authentication (PR:L), confidentiality impact (C:H), and no integrity or availability impact. The Medium severity appropriately captures that data disclosure is serious but does not affect service availability or allow modification of records. Context-specific factors—such as the sensitivity of stored conversations and number of users—may justify treating this as higher priority than the base score alone suggests.

Frequently asked questions

Can an attacker see other users' profiles without any valid account?

No. The vulnerability requires valid authentication credentials. An attacker must first have legitimate access to a Hermes WebUI instance. However, once authenticated, they can pivot to view data from other profiles without additional authorization checks.

Does this vulnerability allow modification or deletion of other users' sessions?

No. The vulnerability is strictly a confidentiality issue. Attackers can read and extract session titles and transcripts, but cannot edit, delete, or corrupt data belonging to other profiles. Integrity and availability are not compromised.

Are there any workarounds if we cannot patch immediately?

Restrict authentication access to Hermes WebUI to only trusted users and monitor session search activity closely. Network segmentation and access controls can limit exposure, but these are not substitutes for patching. Upgrade to version 0.51.269 as soon as operationally feasible.

Will upgrading to 0.51.269 break any integrations or workflows?

Verify against the Hermes release notes and your vendor advisory. The patch enforces stricter profile filtering on the sessions search endpoint, which may affect integrations or custom queries that were inadvertently relying on cross-profile access. Test thoroughly in a non-production environment before deploying.

This analysis is based on the published CVE description and CVSS metrics as of the modification date (2026-07-14). Organizations should verify patch availability and compatibility with their Hermes deployment directly from the vendor advisory before applying updates. Security research and threat intelligence should always be validated against current advisories and your own environment. This vulnerability has not been added to the CISA Known Exploited Vulnerabilities (KEV) catalog as of this publication date; however, the absence of KEV status does not imply absence of active exploitation. Implement defense-in-depth controls and monitor for suspicious access patterns independently of patch status. Source: NVD (public-domain), retrieved 2026-07-18. Analysis generated by SEC.co (claude-haiku-4-5).