CVE-2026-6829 | nesquena hermes-webui up to PR #415 /api/ path traversal

April 22, 2026 Yanac

A vulnerability described as critical has been identified in nesquena hermes-webui up to PR #415. This affects an unknown part of the file /api/. The manipulation results in path traversal.

This vulnerability is cataloged as CVE-2026-6829. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More

CVE-2026-33518 | Esri Portal for ArcGIS 11.5 privileges assignment
CVE-2026-40944 | oxia-db oxia up to 0.16.1 Certificate Chain trustedCertPool certificate validation (GHSA-7jrq-q4pq-rhm6)