CVE-2026-49959 | nesquena hermes-webui up to 0.51.310 api/workspace_git.py os command injection

A vulnerability was found in nesquena hermes-webui up to 0.51.310 and classified as critical. This impacts an unknown function of the file api/workspace_git.py. Such manipulation leads to os command injection.

This vulnerability is traded as CVE-2026-49959. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More