CVE-2026-14627
Status: Received - Intake

Improper Authentication in NousResearch Hermes-Agent

Vulnerability report for CVE-2026-14627, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-04

Last updated on: 2026-07-04

Assigner: VulDB

Description

A security vulnerability has been detected in NousResearch hermes-agent up to 0.15.2. This affects the function DiscordAdapter._is_allowed_user of the file gateway/platforms/discord.py of the component Discord Platform Integration. Such manipulation leads to improper authentication. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.


Meta Information

Published: 2026-07-04
Last Modified: 2026-07-04
Generated: 2026-07-04
AI Q&A: 2026-07-04
EPSS Evaluated: N/A

Affected Vendors & Products

Vendor         Product        Version / Range
nousresearch   hermes-agent   up to 0.15.2 (inclusive)
nousresearch   hermes-agent   up to commit 75cbdfd06b (inclusive)

CWE

CWE-287: When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

AI Quick Actions

Executive Summary

This vulnerability is an authentication bypass issue in the Hermes Agent's Discord integration, specifically in the function DiscordAdapter._is_allowed_user. When the DISCORD_ALLOWED_ROLES configuration is set, the system incorrectly falls back to scanning all mutual Discord servers shared between the bot and a user to check roles. An attacker who shares a public server with the bot and obtains a role with an ID matching the restricted role can bypass authentication entirely.

This flaw allows the attacker to gain full access to the bot through direct messages or other contexts that trigger the fallback mechanism, enabling arbitrary tool execution, memory extraction, and potential compromise of the underlying infrastructure.

The root cause was flawed fallback logic in the DiscordAdapter._is_allowed_user function; the fix limits role checks to the guild the message originated from.
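The check described above, reduced to a small Python illustration that is not hermes-agent's own code: a role allow-list lookup that falls back to scanning every guild shared with the user, beside a version that consults only the originating guild. The guild/member/role data model, the role identifiers, and the treatment of a DM as "no originating guild, so deny" are all constructed assumptions for this example.

```python
# Constructed sample data (not real Discord IDs): guild -> {user_id: {role ids}}
GUILDS = {
    "home-guild": {          # the server whose roles the operator actually trusts
        "alice": {"role-admin"},
    },
    "public-guild": {        # an unrelated server the bot also happens to be in
        "mallory": {"role-admin"},   # assumed to carry the same role id
    },
}
ALLOWED_ROLES = {"role-admin"}   # stands in for DISCORD_ALLOWED_ROLES


def mutual_guilds(user_id, guilds):
    """Guilds in which both the bot (all of `guilds`) and the user are present."""
    return [name for name, members in guilds.items() if user_id in members]


def is_allowed_user_vulnerable(user_id, origin_guild, allowed_roles, guilds=GUILDS):
    """Flawed pattern: if the originating guild does not grant an allowed role
    (or there is no originating guild, e.g. a DM), fall back to scanning every
    mutual guild, so a role held on an unrelated server passes the check."""
    candidates = [origin_guild] if origin_guild in guilds else []
    candidates += [g for g in mutual_guilds(user_id, guilds) if g != origin_guild]
    return any(guilds[g].get(user_id, set()) & allowed_roles for g in candidates)


def is_allowed_user_fixed(user_id, origin_guild, allowed_roles, guilds=GUILDS):
    """Hardened pattern: only the originating guild's role grant counts. With no
    originating guild (assumed DM case) the request is denied outright."""
    if origin_guild not in guilds:
        return False
    return bool(guilds[origin_guild].get(user_id, set()) & allowed_roles)


if __name__ == "__main__":
    # mallory is only in public-guild, yet the fallback lets a DM through
    print("vulnerable, DM:", is_allowed_user_vulnerable("mallory", None, ALLOWED_ROLES))
    print("fixed, DM:", is_allowed_user_fixed("mallory", None, ALLOWED_ROLES))
    print("fixed, home-guild, alice:", is_allowed_user_fixed("alice", "home-guild", ALLOWED_ROLES))
```

The contrast to look for when reviewing similar integrations is the second branch of the vulnerable function: any code path that widens the role lookup beyond the guild that received the message turns a per-server allow-list into a cross-server one.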

Impact Analysis

This vulnerability can have severe impacts including unauthorized full access to the Hermes Agent bot via Discord, allowing attackers to execute arbitrary tools, extract sensitive memory contents, and potentially compromise the entire infrastructure hosting the bot.

Such unauthorized access can lead to data breaches, service disruptions, and loss of control over critical systems integrated with the bot.

Detection Guidance

Detection of this vulnerability involves checking if the Hermes Agent's Discord integration is running a vulnerable version and if the configuration uses the DISCORD_ALLOWED_ROLES setting that triggers the fallback scanning of mutual guilds.

One approach is to inspect the installed version of the hermes-agent package and check whether it is at or before the vulnerable commit (75cbdfd06b).

Additionally, monitoring for unusual direct message activity or unexpected role-based access in Discord bots can indicate exploitation attempts.

While no specific commands are provided in the resources, typical commands to check package versions and running processes might include:

  • pip show hermes-agent # To check the installed version of the hermes-agent Python package
  • ps aux | grep hermes-agent # To check if the hermes-agent process is running
  • Review configuration files for DISCORD_ALLOWED_ROLES settings that may trigger the vulnerable fallback logic

Mitigation Strategies

Immediate mitigation involves updating the hermes-agent package to a version that includes the patch fixing the fallback logic in the DiscordAdapter._is_allowed_user function.

If an update is not immediately possible, review and modify the DISCORD_ALLOWED_ROLES configuration to avoid triggering the fallback scanning of all mutual guilds.

Restrict the bot's permissions and monitor for suspicious activity, especially unexpected direct messages or role assignments that could indicate exploitation.

Consider temporarily disabling the Discord integration component until a patched version is deployed.

Compliance Impact

This vulnerability allows an attacker to bypass authentication and gain unauthorized access to the Hermes Agent via its Discord integration. Such unauthorized access can lead to arbitrary tool execution, memory extraction, and potential infrastructure compromise.

Given the potential for unauthorized access and data compromise, this vulnerability could negatively impact compliance with common standards and regulations such as GDPR and HIPAA, which require strict controls over data confidentiality, integrity, and access.

However, the provided information does not explicitly state the direct effects on compliance with these standards.
