CVE-2026-6830: CWE-668: Exposure of Resource to Wrong Sphere in nesquena hermes-webui
CVE-2026-6830 is a medium-severity vulnerability in nesquena hermes-webui: environment variables set by a previously active profile are not cleared when the user switches profiles. Secrets such as provider API keys therefore remain readable from a profile that should not have them, breaking the isolation the profile model is meant to provide.
AI Analysis
Technical Summary
The vulnerability in nesquena hermes-webui arises from improper handling of environment variables during profile switching. The variables set by the previously active profile are not removed before the next profile's settings are loaded. Because dotenv-style reloads are additive, loading a profile only adds or overwrites the keys that file defines; any key the new profile does not define keeps the value the previous profile gave it. A provider API key that only the first profile sets is thus still present in the process environment after switching to a second profile, violating the expected isolation and exposing the secret to code and users operating in the wrong profile context.
Potential Impact
An attacker or user with access to multiple profiles can read environment variables containing secrets from other profiles. The most direct consequence is compromise of provider API keys (and any other confidential value carried in a profile's environment), undermining a security model that assumes profiles are isolated from one another. The CVSS 4.0 base score of 4.8 (medium) reflects a local attack vector and low attack complexity.
Mitigation Recommendations
Patch status is not yet confirmed; check the vendor advisory for current remediation guidance. Until a fix is available, do not rely on profile switching for isolation of secrets. The simplest reliable workaround is to restart the hermes-webui process between profile switches, since a fresh process starts with a clean environment rather than one carrying the previous profile's variables. If a restart is not practical, explicitly unset every variable the previous profile defined before loading the next profile. Note that any secret already loaded into a long-running process remains exposed to that process until it is cleared or the process exits.
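The following is an added illustration of the mechanism described in the technical summary and of the clearing step recommended above; it is not code from hermes-webui, and the profile contents, variable names and key values are constructed. The loader works on a plain dict so it can be run offline; passing `os.environ` instead would apply it to a real process. `additive_switch` reproduces the vulnerable pattern (a dotenv-style reload layered on top of the current environment, with or without overriding existing keys), and `ProfileEnv` shows a loader that records every key a profile set and removes or restores it before the next profile is applied.

```python
"""Profile switching with dotenv-style reloads: stale-variable leak vs. tracked clear.

Illustrative only (not hermes-webui code). Profiles and credentials below are
constructed sample data. Operates on a plain dict; pass os.environ to apply
it to the real process environment.
"""
from typing import Dict, Set, Tuple


def parse_dotenv(text: str) -> Dict[str, str]:
    """Minimal KEY=VALUE parser: skips blank lines and comments, strips simple quotes."""
    parsed: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        parsed[key.strip()] = value.strip().strip('"').strip("'")
    return parsed


# Constructed sample profile files with fake credentials (assumed contents).
PROFILES: Dict[str, str] = {
    "work": "OPENAI_API_KEY=sk-work-0001\nANTHROPIC_API_KEY=ak-work-0002\nMODEL=gpt-4o\n",
    "personal": "OPENAI_API_KEY=sk-personal-0003\nMODEL=llama3\n",
}


def additive_switch(env: Dict[str, str], profile: str, override: bool) -> None:
    """Vulnerable pattern: load the new profile on top of the current environment.

    Keys the new profile does not define keep the previous profile's value.
    With override=False (python-dotenv's default for load_dotenv) even keys the
    new profile does define keep the old value, because they are already set.
    """
    for key, value in parse_dotenv(PROFILES[profile]).items():
        if override or key not in env:
            env[key] = value


class ProfileEnv:
    """Hardened pattern: record every key a profile sets and undo it on switch."""

    def __init__(self, env: Dict[str, str]) -> None:
        self.env = env
        self.owned: Set[str] = set()          # keys the active profile set
        self.shadowed: Dict[str, str] = {}    # pre-existing values that were overwritten

    def deactivate(self) -> None:
        """Remove the active profile's variables, restoring any value they shadowed."""
        for key in self.owned:
            if key in self.shadowed:
                self.env[key] = self.shadowed[key]
            else:
                self.env.pop(key, None)
        self.owned.clear()
        self.shadowed.clear()

    def activate(self, profile: str) -> None:
        """Clear the previous profile first, then apply the new one."""
        self.deactivate()
        for key, value in parse_dotenv(PROFILES[profile]).items():
            if key in self.env:
                self.shadowed[key] = self.env[key]
            self.env[key] = value
            self.owned.add(key)


def stale_keys(env: Dict[str, str], profile: str, baseline: Dict[str, str]) -> Set[str]:
    """Keys present in env that neither the baseline nor the active profile defines."""
    return set(env) - set(baseline) - set(parse_dotenv(PROFILES[profile]))


def demo(override: bool = True) -> Tuple[Dict[str, str], Dict[str, str], Set[str], Set[str]]:
    """Switch work -> personal with both loaders; return envs and their stale keys."""
    baseline = {"HOME": "/home/alice"}

    additive = dict(baseline)
    additive_switch(additive, "work", override)
    additive_switch(additive, "personal", override)

    hardened = dict(baseline)
    loader = ProfileEnv(hardened)
    loader.activate("work")
    loader.activate("personal")

    return (additive, hardened,
            stale_keys(additive, "personal", baseline),
            stale_keys(hardened, "personal", baseline))


if __name__ == "__main__":
    add_env, hard_env, add_leak, hard_leak = demo()
    print("additive reload leaked:", sorted(add_leak))   # ['ANTHROPIC_API_KEY']
    print("tracked reload leaked:", sorted(hard_leak))   # []
```

The `stale_keys` check is the detection a practitioner can run against a live process: anything in the environment that neither the shell baseline nor the active profile accounts for is a candidate leak. The `override=False` case is worth testing separately, because there the second profile's own key is silently ignored and the first profile's credential keeps being used for every request.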
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulnCheck
- Date Reserved: 2026-04-21T21:22:31.635Z
- CVSS Version: 4.0
- State: PUBLISHED
- Remediation Level: not set (null)
Threat ID: 69e7f01d19fe3cd2cdfcab55
Added to database: 4/21/2026, 9:46:05 PM
Last enriched: 4/21/2026, 10:02:08 PM
Last updated: 4/21/2026, 11:52:02 PM