CVE-2026-53870
Status: Deferred - Pending Action
Hermes Agent Information Disclosure via File Permissions

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: VulnCheck

Description
Hermes Agent before 0.16.0 creates response_store.db and webhook_subscriptions.json with world-readable permissions (mode 0o644), exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obtain sensitive data including conversation history, tool payloads, prompts, and per-route HMAC secrets.
Meta Information
Generated: 2026-06-18
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: hermes_agent
Product: hermes_agent
Version / Range: up to (excluding) 0.16.0
CWE-276 (Incorrect Default Permissions): During installation, installed file permissions are set to allow anyone to modify those files.
In this case the over-broad default grants read rather than write access (0o644 instead of 0o600), but the root cause is the same: the files are created with a default mode wider than their contents require.
Executive Summary

Hermes Agent versions before 0.16.0 create two files, response_store.db and webhook_subscriptions.json, with world-readable permissions (mode 0o644). This means that any local user on the system can read these files.

These files contain sensitive information such as conversation history, tool payloads, prompts, and per-route HMAC secrets. Because the files are accessible to all local users, attackers with local filesystem access can directly read these files and obtain this sensitive data.

Impact Analysis

Any local account on the host can read the exposed files and obtain the conversation history, tool payloads, prompts and per-route HMAC secrets that Hermes Agent stores in them. No privilege escalation or interaction with the agent is needed; reading the files is enough.

The loss of confidentiality is immediate, but the HMAC secrets carry a second-order risk: whoever holds a route's secret can compute valid signatures for that route, so any party that relies on those signatures to authenticate webhook traffic can be fed forged deliveries. Secrets exposed this way have to be rotated; restoring the file permissions does not help once they have been read.

Detection Guidance

Hermes Agent before 0.16.0 creates response_store.db and webhook_subscriptions.json with mode 0o644, so every local account can read them.

To check an installation, confirm the files exist and inspect their permission bits:

  • Use the command: ls -l /path/to/hermes_agent/response_store.db
  • Use the command: ls -l /path/to/hermes_agent/webhook_subscriptions.json
  • On GNU/Linux, stat -c '%a %U %n' /path/to/hermes_agent/response_store.db prints the octal mode and owner directly (on macOS: stat -f '%Lp %Su %N').

An ls -l listing of -rw-r--r-- is mode 644: the trailing r-- means any other user can read the file. Treat any mode with the group or other read bit set (644, 664, 444, or 640 with a shared group) as exposed; 600 (-rw-------) is the expected state. Two caveats: a missing file only means that feature has not written it yet, not that the install is fixed; and a file that happens to be 600 on a pre-0.16.0 install can be recreated with the vulnerable default, so the installed version is what settles whether the system is vulnerable.
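The same check done programmatically, as an added example that is not Hermes Agent code: it reports the mode of each advisory-named file the way ls -l would, flags anything group- or world-readable, and reports missing files separately. DEFAULT_DATA_DIR is a placeholder assumption, and demo() builds a constructed fixture in a temporary directory so the logic can be exercised without a real installation.

```python
"""Audit Hermes Agent data files for group- or world-readable permissions.

Added example, not Hermes Agent code. DEFAULT_DATA_DIR is a placeholder
assumption; point it at the directory your installation actually uses.
"""
import os
import stat
import tempfile
from pathlib import Path

# The two files named in the advisory.
SENSITIVE_FILES = ("response_store.db", "webhook_subscriptions.json")
# Assumption: replace with the real data directory of your install.
DEFAULT_DATA_DIR = "/path/to/hermes_agent"

# Either bit set means an account other than the owner can read the file.
EXPOSED_BITS = stat.S_IRGRP | stat.S_IROTH


def is_exposed(mode: int) -> bool:
    """True when the group or other read bit is set (0o644, 0o640, 0o444 ...)."""
    return bool(stat.S_IMODE(mode) & EXPOSED_BITS)


def describe(mode: int) -> str:
    """Render permission bits the way ls -l does: 0o644 -> '-rw-r--r--'."""
    return stat.filemode(stat.S_IFREG | stat.S_IMODE(mode))


def audit(data_dir=DEFAULT_DATA_DIR) -> dict:
    """Return one finding per advisory-named file under data_dir.

    Findings look like {"status": "missing"}, or
    {"status": "exposed" | "ok", "mode": "0o644", "ls": "-rw-r--r--"}.
    A missing file only means the feature has not written it yet; the
    installed version, not the file's absence, decides vulnerability.
    """
    findings = {}
    for name in SENSITIVE_FILES:
        path = Path(data_dir) / name
        try:
            mode = stat.S_IMODE(os.stat(path).st_mode)
        except FileNotFoundError:
            findings[name] = {"status": "missing"}
            continue
        findings[name] = {
            "status": "exposed" if is_exposed(mode) else "ok",
            "mode": oct(mode),
            "ls": describe(mode),
        }
    return findings


def demo() -> dict:
    """Constructed fixture: the vulnerable layout recreated in a temp dir,
    one file left at the 0o644 default and one already hardened to 0o600."""
    tmp = Path(tempfile.mkdtemp(prefix="hermes-audit-"))
    (tmp / "response_store.db").write_bytes(b"constructed sample rows")
    (tmp / "webhook_subscriptions.json").write_text('{"routes": {}}\n')
    # Explicit chmod so the outcome does not depend on the caller's umask.
    os.chmod(tmp / "response_store.db", 0o644)
    os.chmod(tmp / "webhook_subscriptions.json", 0o600)
    return audit(tmp)


if __name__ == "__main__":
    for name, finding in audit().items():
        print(f"{name}: {finding}")
```

Run it as the account that owns the agent's data directory; the group read bit is flagged as well as the other bit because a shared group is just as much an unintended audience for HMAC secrets as the world.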

Mitigation Strategies

Immediate mitigation is to remove group and world read access from the affected files, then treat the secrets they held as compromised.

  • Change the permissions of response_store.db to owner-only access: chmod 600 /path/to/hermes_agent/response_store.db (run as the file owner or root)
  • Similarly, run: chmod 600 /path/to/hermes_agent/webhook_subscriptions.json
  • Rotate the per-route HMAC secrets: any local user may already have read them, and restricting the file afterwards does not undo that.
  • As an interim control for an agent that cannot be upgraded yet, run it under a restrictive umask (umask 077) so newly created files default to owner-only access. This only helps if the 0o644 comes from the process umask rather than an explicit chmod in the code, so verify with ls -l after the files are regenerated.

The chmod is a stopgap: a pre-0.16.0 agent can recreate the files with the vulnerable default mode. The fix is to upgrade Hermes Agent to version 0.16.0 or later, where this issue is fixed, and to re-check the modes once after the upgrade.
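The remediation above and the creation pattern that avoids the defect, as an added example that is not Hermes Agent code. lock_down() is the chmod 600 stopgap; create_permissive() shows the kind of code that yields 0o644 under the common umask 022, and create_private() shows the hardened alternative that requests 0o600 at creation time. The file paths in demo() are a constructed fixture, and the helpers illustrate the general technique, not the project's actual implementation.

```python
"""Lock down exposed Hermes Agent data files and show the file-creation
pattern that avoids the defect in the first place.

Added example, not Hermes Agent code. demo() uses a constructed fixture
in a temporary directory; the creation helpers illustrate the general
technique, not the project's implementation.
"""
import os
import stat
import tempfile
from pathlib import Path

PRIVATE = 0o600  # owner read/write, nothing for group or other


def current_mode(path) -> int:
    """Permission bits of path, without the file-type bits."""
    return stat.S_IMODE(os.stat(path).st_mode)


def lock_down(path) -> tuple:
    """Stopgap from the advisory: chmod an existing file to 0o600.
    Returns (mode_before, mode_after). Must run as the file owner or root."""
    before = current_mode(path)
    os.chmod(path, PRIVATE)
    return before, current_mode(path)


def create_permissive(path, data: bytes) -> int:
    """The kind of code that yields 0o644: a plain open() asks for 0o666 and
    only the process umask (commonly 022) trims it. Returns the final mode."""
    with open(path, "wb") as f:
        f.write(data)
    return current_mode(path)


def create_private(path, data: bytes) -> int:
    """Hardened pattern: request 0o600 at creation time so the file is never
    readable by others, not even between creation and a later chmod.
    O_EXCL refuses to reuse a file another user may have planted at the path."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, PRIVATE)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return current_mode(path)


def demo() -> dict:
    """Constructed fixture run under umask 022, the usual default, so the
    permissive pattern reproduces the advisory's 0o644 regardless of the
    caller's environment. The caller's umask is restored afterwards."""
    old_umask = os.umask(0o022)
    try:
        tmp = Path(tempfile.mkdtemp(prefix="hermes-fix-"))
        weak = create_permissive(tmp / "response_store.db", b"constructed rows")
        before, after = lock_down(tmp / "response_store.db")
        strong = create_private(tmp / "webhook_subscriptions.json", b"{}\n")
        return {
            "permissive_create": oct(weak),  # the vulnerable default
            "before_chmod": oct(before),
            "after_chmod": oct(after),       # stopgap applied
            "private_create": oct(strong),   # owner-only from the start
        }
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of create_private() over "create, then chmod" is that the mode passed to os.open applies atomically at creation, so there is no window in which another local user can open the file before it is restricted; the umask can only remove bits from 0o600, never add them.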
