CVE-2026-49958: Time-of-check Time-of-use (TOCTOU) Race Condition in nesquena hermes-webui
Hermes WebUI before version 0. 51. 303 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability in the git_discard function. This flaw allows an attacker to delete files outside the intended workspace by exploiting a symlink substitution between path validation and file deletion. The vulnerability arises because the application validates a path component but does not prevent it from being replaced by a symlink pointing outside the workspace before deletion occurs.
AI Analysis
Technical Summary
CVE-2026-49958 describes a TOCTOU race condition in the nesquena hermes-webui product, specifically in the git_discard function within api/workspace_git.py. The vulnerability allows an attacker with limited privileges to replace a validated workspace path component with a symlink to an external directory after the safe_resolve_ws() validation but before the deletion operation (Path.unlink() or shutil.rmtree()). This causes the deletion operation to follow the symlink and remove arbitrary files outside the configured workspace boundary, potentially leading to unauthorized file deletion on the host system.
Potential Impact
An attacker with the ability to influence workspace paths can cause the application to delete arbitrary files outside the intended workspace. This can lead to loss of data or disruption of system files. The CVSS 4.3 score reflects a medium severity with local attack vector, high attack complexity, and limited privileges required. There is no indication of remote exploitation or privilege escalation beyond the deletion capability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users should restrict access to the workspace and monitor for suspicious file operations. Avoid running the affected function with elevated privileges. Follow vendor updates for an official fix or temporary mitigation.
CVE-2026-49958: Time-of-check Time-of-use (TOCTOU) Race Condition in nesquena hermes-webui
Description
Hermes WebUI before version 0. 51. 303 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability in the git_discard function. This flaw allows an attacker to delete files outside the intended workspace by exploiting a symlink substitution between path validation and file deletion. The vulnerability arises because the application validates a path component but does not prevent it from being replaced by a symlink pointing outside the workspace before deletion occurs.
CVSS v4.0
Score 4.3medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-49958 describes a TOCTOU race condition in the nesquena hermes-webui product, specifically in the git_discard function within api/workspace_git.py. The vulnerability allows an attacker with limited privileges to replace a validated workspace path component with a symlink to an external directory after the safe_resolve_ws() validation but before the deletion operation (Path.unlink() or shutil.rmtree()). This causes the deletion operation to follow the symlink and remove arbitrary files outside the configured workspace boundary, potentially leading to unauthorized file deletion on the host system.
Potential Impact
An attacker with the ability to influence workspace paths can cause the application to delete arbitrary files outside the intended workspace. This can lead to loss of data or disruption of system files. The CVSS 4.3 score reflects a medium severity with local attack vector, high attack complexity, and limited privileges required. There is no indication of remote exploitation or privilege escalation beyond the deletion capability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users should restrict access to the workspace and monitor for suspicious file operations. Avoid running the affected function with elevated privileges. Follow vendor updates for an official fix or temporary mitigation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2026-06-02T16:30:15.233Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a284d178dd33fbd85665a1c
Added to database: 6/9/2026, 5:27:51 PM
Last enriched: 6/9/2026, 5:41:28 PM
Last updated: 6/9/2026, 7:02:47 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.