CVE-2026-49958
Status: Deferred - Pending Action
BaseFortify

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: VulnCheck

Description
Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability in the git_discard function within api/workspace_git.py that allows attackers to delete files outside the configured workspace boundary by replacing a validated path component with a symlink after validation but before deletion. Attackers can substitute a workspace-controlled path component with a symlink pointing to an external directory between the safe_resolve_ws() validation step and the subsequent Path.unlink() or shutil.rmtree() deletion call, causing the delete operation to follow the symlink and remove arbitrary files outside the workspace.
Meta Information
Published: 2026-06-09
Last Modified: 2026-06-09
Generated: 2026-06-10
AI Q&A: 2026-06-09
EPSS Evaluated: N/A
Affected Vendors & Products (2 associated CPEs)
Vendor      Product        Version / Range
hermes      hermes_webui   up to 0.51.303 (excluding)
nesquena    hermes_webui   up to 0.51.303 (excluding)
CWE
CWE-367: The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.
Executive Summary

CVE-2026-49958 is a time-of-check time-of-use (TOCTOU) race condition vulnerability in Hermes WebUI versions before 0.51.303, specifically in the git_discard function within api/workspace_git.py.

The vulnerability allows attackers to delete files outside the configured workspace boundary by exploiting a window between path validation and file deletion. An attacker can replace a validated path component with a symbolic link (symlink) pointing to an external directory after the validation step but before the deletion occurs.

As a result, the delete operation follows the symlink and removes arbitrary files outside the intended workspace, potentially causing unintended file deletions.

Impact Analysis

This vulnerability can lead to unauthorized deletion of files outside the intended workspace boundary.

An attacker who can control parts of the workspace path can exploit the race condition to substitute a symlink that points to sensitive or critical files elsewhere on the system.

Consequently, important files outside the workspace could be deleted, potentially causing data loss, disruption of services, or system instability.

Mitigation Strategies

To mitigate the vulnerability CVE-2026-49958 in Hermes WebUI, you should upgrade to version 0.51.303 or later, where the issue has been fixed.

The fix involves replacing the vulnerable deletion methods in the git_discard function with anchored deletion helpers (unlink_anchored and rmtree_anchored) that re-validate the workspace boundary at the time of deletion, preventing symlink-swap attacks.

Additionally, regression tests have been added to ensure the fix is effective and does not interfere with normal concurrent file removal operations.
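How an anchored deletion helper of the kind described above can be built, as an added example that is not Hermes WebUI's own unlink_anchored/rmtree_anchored code: every path component is opened relative to a directory file descriptor with O_NOFOLLOW, and the final unlink/rmdir is issued relative to that descriptor, so the workspace boundary is enforced at the moment of deletion rather than only in an earlier check. The workspace layout, file names and the open_component/remove_anchored/demo helpers are constructed for this example and assume a POSIX system with dir_fd support.

```python
"""Anchored deletion: re-validate the workspace boundary at the moment of the
unlink so a symlink swapped in after an earlier path check cannot redirect it.
Added example; not Hermes WebUI's unlink_anchored/rmtree_anchored code."""
import os
import shutil
import stat
import tempfile
from pathlib import Path


def open_component(dir_fd: int, name: str) -> int:
    # Open one path component relative to its parent directory fd, refusing to
    # follow symlinks: a component swapped for a symlink raises OSError here
    # instead of silently redirecting the walk outside the workspace.
    return os.open(name, os.O_RDONLY | os.O_NOFOLLOW | os.O_DIRECTORY, dir_fd=dir_fd)


def _rmtree_fd(parent_fd: int, name: str) -> None:
    # Recursive delete relative to file descriptors only. Subdirectories are
    # opened with O_NOFOLLOW and entries are unlinked relative to that fd, so a
    # directory replaced by a symlink mid-walk makes open_component fail.
    fd = open_component(parent_fd, name)
    try:
        with os.scandir(fd) as entries:
            for entry in entries:
                if entry.is_dir(follow_symlinks=False):
                    _rmtree_fd(fd, entry.name)
                else:
                    os.unlink(entry.name, dir_fd=fd)  # unlink never follows links
    finally:
        os.close(fd)
    os.rmdir(name, dir_fd=parent_fd)  # fails with ENOTDIR if swapped for a symlink


def remove_anchored(workspace: Path, rel: str, recursive: bool = False) -> bool:
    """Delete workspace/rel without following a symlink in any component.

    Returns True on success. Raises ValueError for absolute or dot-segment
    paths and OSError when a component is (or became) a symlink.
    """
    parts = Path(rel).parts
    if Path(rel).is_absolute() or not parts or any(p in ("", ".", "..") for p in parts):
        raise ValueError(f"refusing path {rel!r}")
    # Anchor on the workspace root; everything below is relative to fds.
    dir_fd = os.open(workspace, os.O_RDONLY | os.O_DIRECTORY)
    try:
        for name in parts[:-1]:
            nxt = open_component(dir_fd, name)
            os.close(dir_fd)
            dir_fd = nxt
        leaf = parts[-1]
        st = os.lstat(leaf, dir_fd=dir_fd)  # lstat: does not follow the leaf
        if stat.S_ISDIR(st.st_mode):
            if not recursive:
                raise IsADirectoryError(leaf)
            _rmtree_fd(dir_fd, leaf)
        else:
            # Regular file or symlink: unlink removes the entry itself, never
            # a symlink's target, so a leaf swap cannot escape either.
            os.unlink(leaf, dir_fd=dir_fd)
    finally:
        os.close(dir_fd)
    return True


def demo() -> dict:
    # Constructed layout (not from the advisory):
    #   outside/victim.txt   must never be deleted
    #   ws/src/main.py       legitimate delete target
    #   ws/build -> outside  a symlink standing in for the swapped component
    root = Path(tempfile.mkdtemp())
    outside = root / "outside"
    outside.mkdir()
    victim = outside / "victim.txt"
    victim.write_text("keep me")
    ws = root / "ws"
    (ws / "src").mkdir(parents=True)
    (ws / "src" / "main.py").write_text("print('hi')")
    (ws / "build").symlink_to(outside, target_is_directory=True)

    results = {}
    results["file_removed"] = remove_anchored(ws, "src/main.py") and not (ws / "src" / "main.py").exists()
    try:  # path runs through the symlinked directory: the walk refuses it
        remove_anchored(ws, "build/victim.txt")
        results["escape_blocked"] = False
    except OSError:
        results["escape_blocked"] = True
    remove_anchored(ws, "build")  # leaf is the link: remove the link only
    results["link_removed"] = not (ws / "build").is_symlink()
    results["victim_intact"] = victim.read_text() == "keep me"
    (ws / "src" / "pkg").mkdir()
    (ws / "src" / "pkg" / "a.txt").write_text("x")
    remove_anchored(ws, "src", recursive=True)  # real tree still deletable
    results["tree_removed"] = not (ws / "src").exists()
    shutil.rmtree(root)
    return results


if __name__ == "__main__":
    print(demo())
```

The design point is that the check and the use are the same operation: the only state consulted is the chain of directory descriptors the helper itself opened with O_NOFOLLOW, and the final unlink/rmdir is issued relative to that chain, so a component swapped on disk between an earlier validation and the deletion either fails to open or is removed as a link rather than followed.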

Compliance Impact

The provided information does not include any details about how CVE-2026-49958 affects compliance with common standards and regulations such as GDPR or HIPAA.
