CVE-2026-9367 | NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63 terminal_tool tools/approval.py detect_dangerous_command os command injection

A vulnerability classified as critical has been found in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detect_dangerous_command of the file tools/approval.py of the component terminal_tool. This manipulation causes os command injection.

The identification of this vulnerability is CVE-2026-9367. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More