CVE-2026-9368: Sandbox Issue in NousResearch hermes-agent
CVE-2026-9368 is a medium severity vulnerability in NousResearch hermes-agent versions up to 2026. 4. 16. It affects the execute_code function in the tools/code_execution_tool. py file within the Environment Variable Handler component, leading to a sandbox issue. This vulnerability can be exploited remotely without authentication or user interaction. Although an exploit is publicly available, there is no vendor response or official patch at this time.
AI Analysis
Technical Summary
This vulnerability involves a sandbox bypass or escape in the execute_code function of the hermes-agent tool by NousResearch, specifically in the Environment Variable Handler component. The issue allows remote attackers to manipulate the sandbox environment, potentially enabling unauthorized code execution or other impacts related to sandbox integrity. The affected versions include all releases up to 2026.4.16. The CVSS 4.0 base score is 6.9, indicating medium severity with network attack vector, low complexity, no privileges or user interaction required, and low impact on confidentiality, integrity, and availability. No official remediation or patch has been disclosed, and the vendor has not responded to the vulnerability report.
Potential Impact
The vulnerability allows remote attackers to bypass or manipulate the sandbox environment in the hermes-agent, potentially leading to unauthorized code execution or other security impacts related to sandbox compromise. The impact on confidentiality, integrity, and availability is rated as low. No known exploits in the wild have been reported, but a public exploit exists.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vendor has not responded and no official patch or workaround is available, users should consider restricting network exposure of the affected hermes-agent versions and monitor for suspicious activity related to code execution attempts. Avoid deploying affected versions in untrusted environments until a fix is released.
CVE-2026-9368: Sandbox Issue in NousResearch hermes-agent
Description
CVE-2026-9368 is a medium severity vulnerability in NousResearch hermes-agent versions up to 2026. 4. 16. It affects the execute_code function in the tools/code_execution_tool. py file within the Environment Variable Handler component, leading to a sandbox issue. This vulnerability can be exploited remotely without authentication or user interaction. Although an exploit is publicly available, there is no vendor response or official patch at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves a sandbox bypass or escape in the execute_code function of the hermes-agent tool by NousResearch, specifically in the Environment Variable Handler component. The issue allows remote attackers to manipulate the sandbox environment, potentially enabling unauthorized code execution or other impacts related to sandbox integrity. The affected versions include all releases up to 2026.4.16. The CVSS 4.0 base score is 6.9, indicating medium severity with network attack vector, low complexity, no privileges or user interaction required, and low impact on confidentiality, integrity, and availability. No official remediation or patch has been disclosed, and the vendor has not responded to the vulnerability report.
Potential Impact
The vulnerability allows remote attackers to bypass or manipulate the sandbox environment in the hermes-agent, potentially leading to unauthorized code execution or other security impacts related to sandbox compromise. The impact on confidentiality, integrity, and availability is rated as low. No known exploits in the wild have been reported, but a public exploit exists.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vendor has not responded and no official patch or workaround is available, users should consider restricting network exposure of the affected hermes-agent versions and monitor for suspicious activity related to code execution attempts. Avoid deploying affected versions in untrusted environments until a fix is released.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-05-23T10:33:15.559Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a12c1f509f6977edb44a359
Added to database: 5/24/2026, 9:16:37 AM
Last enriched: 5/24/2026, 9:31:37 AM
Last updated: 5/24/2026, 10:21:05 AM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.