CVE-2026-14626
Status: Received - Intake

Remote DoS in NousResearch Hermes-Agent via HTTP API

Vulnerability report for CVE-2026-14626, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-04

Last updated on: 2026-07-04

Assigner: VulDB

Description

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.run_conversation in the file run_agent.py of the component HTTP API. Manipulation of the argument todos leads to a denial of service. The attack can be initiated remotely. An exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.


Meta Information

Published: 2026-07-04
Last Modified: 2026-07-04
Generated: 2026-07-04
AI Q&A: 2026-07-04
EPSS Evaluated: N/A

Affected Vendors & Products

Vendor: nousresearch
Product: hermes-agent
Version / Range: up to 2026.5.29.2 (inclusive)

Exploitability

CWE: CWE-404 - The product does not release or incorrectly releases a resource before it is made available for re-use.

AI Quick Actions

Executive Summary

This vulnerability exists in the Hermes Agent API Server, specifically in how it handles todo-tool history hydration. The server accepts conversation history entries from callers and trusts messages with a todos JSON object as authoritative output without verifying their authenticity or size.

An attacker with API access can submit a forged tool-history entry containing a very large todo item. This causes persistent inflation of the session context, which is stored and reused in later requests.

As a result, the session context becomes excessively large, potentially breaking subsequent requests for that session and causing a denial-of-service (DoS) condition.

The vulnerability is due to insufficient verification of data authenticity (CWE-345) and affects all releases up to and including version 2026.5.29.2, with no patched versions available.

Compliance Impact

This vulnerability primarily causes a denial-of-service (DoS) condition by allowing an attacker to exhaust session context through forged todo-tool history entries. The main impact is on service availability and session integrity.

There is no information provided indicating that this vulnerability leads to unauthorized access, data leakage, or compromise of personal or sensitive data.

Therefore, based on the available information, this vulnerability does not directly affect compliance with data protection regulations such as GDPR or HIPAA, which focus on confidentiality, integrity, and privacy of personal data.

Denial of service could indirectly affect availability requirements under some standards, but no explicit compliance impact is described.

Impact Analysis

The primary impact of this vulnerability is on service availability and session integrity.

An attacker can remotely cause denial of service by submitting large forged todo entries, which exhaust the session context and break subsequent requests.

This means legitimate users may experience disruptions or inability to use the Hermes Agent API service properly.

Exploiting this issue requires neither code execution nor a data breach, but the service may become unavailable or unstable.

Detection Guidance

This vulnerability can be detected by monitoring API server logs for unusually large or forged todo-tool history hydration entries submitted via the Hermes Agent API. Specifically, look for API requests containing conversation_history entries with role="tool" messages that include large todos JSON objects.

Since the attack involves submitting forged tool-history entries with very large todo items, detection can involve inspecting request payload sizes and patterns that cause persistent context inflation or denial of service.

Useful tooling includes network capture with tcpdump or Wireshark to record API requests, and grep or jq to filter logs for suspiciously large todos entries.

  • Capture API traffic on port 80 (adjust the port as needed): tcpdump -i any port 80 -w capture.pcap
  • Search the log for long lines that mention todos: grep -i 'todos' /var/log/hermes-agent/api.log | awk 'length($0) > 1000'
  • Parse JSON log entries and extract the todos carried by tool messages: jq '.conversation_history[] | select(.role=="tool") | .todos' api_log.json

Mitigation Strategies

Immediate mitigation steps include restricting or disabling external API access to the Hermes Agent API server to prevent attackers from submitting forged todo-tool history entries.

Implement input validation and size checks on the todos JSON objects submitted via the API to prevent large or malformed entries from being accepted.

Monitor system and application logs for signs of denial-of-service attempts related to large todo entries and consider rate limiting or blocking suspicious clients.

Since no patched versions are currently available, consider isolating the affected service or applying network-level controls such as firewalls or API gateways to limit exposure.
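The following is an added example that illustrates both the detection guidance and the size-check mitigation described above; it is not code from the hermes-agent project. It assumes that caller-supplied conversation_history entries are dicts with a role field, that tool messages carry a todos JSON object whose items each have a text string, and that request logs are one JSON record per line; the field names beyond role and todos, the limits, and the sample log records are constructed for the example.

```python
"""Size-bounded validation and log detection for tool-history todos entries.

Added example, not hermes-agent code. Entry shape (role / content / todos
with an "items" list of {"text": ...}) and the log format are assumptions.
"""
import json
from typing import Any, Dict, Iterable, List, Optional, Tuple

# Constructed limits; tune them to what the real todo tool legitimately emits.
MAX_TODO_ITEMS = 50          # todo items per hydration entry
MAX_TODO_ITEM_CHARS = 500    # characters in one todo item's text
MAX_TODOS_BYTES = 16_384     # serialized size of the whole todos object


def todos_size(todos: Any) -> int:
    """Serialized byte size of a todos object: the quantity the DoS inflates."""
    return len(json.dumps(todos, separators=(",", ":")).encode("utf-8"))


def check_todos(todos: Any) -> Optional[str]:
    """Return a rejection reason, or None when the todos object is acceptable.

    Every dimension a caller could inflate is bounded: item count, per-item
    text length and total serialized size. Cheap structural checks run first.
    """
    if not isinstance(todos, dict) or not isinstance(todos.get("items"), list):
        return "malformed: todos must be an object with an 'items' list"
    items = todos["items"]
    if len(items) > MAX_TODO_ITEMS:
        return f"too many items: {len(items)} > {MAX_TODO_ITEMS}"
    for i, item in enumerate(items):
        text = item.get("text") if isinstance(item, dict) else None
        if not isinstance(text, str):
            return f"malformed: item {i} has no string 'text'"
        if len(text) > MAX_TODO_ITEM_CHARS:
            return f"item {i} text too long: {len(text)} > {MAX_TODO_ITEM_CHARS}"
    size = todos_size(todos)
    if size > MAX_TODOS_BYTES:
        return f"todos too large: {size} bytes > {MAX_TODOS_BYTES}"
    return None


def validate_history(history: List[Dict]) -> Tuple[List[Dict], List[str]]:
    """Filter caller-supplied conversation_history before it is hydrated.

    Non-tool entries pass through untouched; tool messages carrying a todos
    object are kept only when check_todos accepts them. Returns the accepted
    entries plus rejection reasons suitable for logging.
    """
    accepted, rejected = [], []
    for idx, entry in enumerate(history):
        if entry.get("role") == "tool" and "todos" in entry:
            reason = check_todos(entry["todos"])
            if reason is not None:
                rejected.append(f"entry {idx}: {reason}")
                continue
        accepted.append(entry)
    return accepted, rejected


def scan_log_lines(lines: Iterable[str], threshold: int = MAX_TODOS_BYTES) -> List[Dict]:
    """Detection pass over JSON-per-line request logs (constructed format).

    Each line is assumed to hold {"session": ..., "conversation_history": [...]}.
    Flags tool entries whose todos object exceeds the byte threshold.
    """
    hits = []
    for lineno, line in enumerate(lines, 1):
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # not a request record; a real pipeline would count these
        for entry in record.get("conversation_history", []):
            if entry.get("role") == "tool" and "todos" in entry:
                size = todos_size(entry["todos"])
                if size > threshold:
                    hits.append({"line": lineno, "session": record.get("session"), "bytes": size})
    return hits


# Constructed sample: a user turn, a normal tool entry, and one inflated forged entry.
SAMPLE_HISTORY = [
    {"role": "user", "content": "plan the release"},
    {"role": "tool", "content": "todo list updated", "todos": {"items": [{"text": "write changelog"}]}},
    {"role": "tool", "content": "todo list updated", "todos": {"items": [{"text": "A" * 200_000}]}},
]
SAMPLE_LOG = [
    json.dumps({"session": "s1", "conversation_history": SAMPLE_HISTORY[:2]}),
    json.dumps({"session": "s2", "conversation_history": SAMPLE_HISTORY}),
    "not json at all",
]

if __name__ == "__main__":
    kept, reasons = validate_history(SAMPLE_HISTORY)
    print(f"kept {len(kept)} of {len(SAMPLE_HISTORY)} entries; rejected: {reasons}")
    for hit in scan_log_lines(SAMPLE_LOG):
        print(f"oversized todos on log line {hit['line']} (session {hit['session']}): {hit['bytes']} bytes")
```

validate_history is the shape a server-side guard would take at the point where caller history is accepted, before anything is persisted into the session; because the inflated entry is dropped rather than stored, later requests in that session are not affected. scan_log_lines is the same size measurement applied retrospectively to request logs, which is what the grep/jq guidance above approximates with line length.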
