CVE-2026-22677
Severity CVSS v4.0:
MEDIUM
Type:
CWE-22
Path Traversal
Publication date:
13/05/2026
Last modified:
26/05/2026
Description
Hermes WebUI prior to 0.51.44 contains a path traversal vulnerability in the session import endpoint that allows authenticated attackers to read arbitrary files by importing a crafted session with an unrestricted workspace value. Attackers can supply a blocked filesystem root in the workspace field and subsequently use relative paths in the session file API to access any file readable by the WebUI process.
Impact
Base Score 4.0
6.00
Severity 4.0
MEDIUM
Base Score 3.x
6.50
Severity 3.x
MEDIUM
References to Advisories, Solutions, and Tools
- https://github.com/nesquena/hermes-webui/commit/f00cb74f776f22f02f5eb6b39dfb389f87cc7fd3
- https://github.com/nesquena/hermes-webui/pull/2048
- https://github.com/nesquena/hermes-webui/releases/tag/v0.51.44
- https://www.vulncheck.com/advisories/hermes-webui-path-traversal-via-session-import-endpoint
- https://github.com/nesquena/hermes-webui/pull/2048



