CVE-2026-53869: Missing Authentication for Critical Function in NousResearch hermes-agent
Hermes Agent versions before 0.16.0 contain a DNS rebinding vulnerability in WebSocket endpoints that bypasses Host and Origin validation. This occurs because FastAPI HTTP middleware does not run for WebSocket upgrade requests on certain API endpoints, allowing remote attackers to inject commands or read terminal output without authentication.
AI Analysis
Technical Summary
CVE-2026-53869 describes a missing authentication vulnerability in NousResearch's Hermes Agent prior to version 0.16.0. The issue arises from a DNS rebinding attack vector targeting WebSocket endpoints (/api/pty, /api/ws, /api/pub, and /api/events) where FastAPI HTTP middleware is not executed during WebSocket upgrades. This enables attackers to bypass Host and Origin validation, potentially injecting malicious commands or accessing terminal output remotely without any authentication or user interaction.
Potential Impact
The vulnerability allows unauthenticated remote attackers to bypass critical Host and Origin validation on WebSocket endpoints, leading to possible command injection or unauthorized reading of terminal output. This could result in unauthorized control or data exposure on affected Hermes Agent instances.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict access to the affected WebSocket endpoints and consider network-level controls to prevent DNS rebinding attacks. Monitor vendor communications for updates on patches or official mitigations.
CVE-2026-53869: Missing Authentication for Critical Function in NousResearch hermes-agent
Description
Hermes Agent versions before 0.16.0 contain a DNS rebinding vulnerability in WebSocket endpoints that bypasses Host and Origin validation. This occurs because FastAPI HTTP middleware does not run for WebSocket upgrade requests on certain API endpoints, allowing remote attackers to inject commands or read terminal output without authentication.
CVSS v4.0
Score 8.7high
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-53869 describes a missing authentication vulnerability in NousResearch's Hermes Agent prior to version 0.16.0. The issue arises from a DNS rebinding attack vector targeting WebSocket endpoints (/api/pty, /api/ws, /api/pub, and /api/events) where FastAPI HTTP middleware is not executed during WebSocket upgrades. This enables attackers to bypass Host and Origin validation, potentially injecting malicious commands or accessing terminal output remotely without any authentication or user interaction.
Potential Impact
The vulnerability allows unauthenticated remote attackers to bypass critical Host and Origin validation on WebSocket endpoints, leading to possible command injection or unauthorized reading of terminal output. This could result in unauthorized control or data exposure on affected Hermes Agent instances.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict access to the affected WebSocket endpoints and consider network-level controls to prevent DNS rebinding attacks. Monitor vendor communications for updates on patches or official mitigations.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2026-06-10T21:23:54.283Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a32e8dcf198dc38c1e39885
Added to database: 6/17/2026, 6:35:08 PM
Last enriched: 6/17/2026, 6:50:10 PM
Last updated: 6/17/2026, 9:03:17 PM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.