CVE-2026-6830

Sažetak

nesquena hermes-webui contains an environment variable leakage vulnerability where profile switching does not clear environment variables from the previously active profile before loading the next profile. Attackers or users can exploit additive dotenv reload behavior to access provider API keys and other sensitive secrets from one profile context in another profile, breaking expected security isolation between profiles.

Reference

https://github.com/nesquena/hermes-webui/commit/88dc8bbe26a6055161d3251b70f5cd3d3c5831b0
https://github.com/nesquena/hermes-webui/pull/351
https://github.com/nesquena/hermes-webui/releases/tag/v0.50.12
https://github.com/nesquena/hermes-webui/releases/tag/v0.50.132
https://www.vulncheck.com/advisories/nesquena-hermes-webui-environment-variable-credential-leakage-via-profile-switch

CVSS

Base:	3.3
Impact:	1.4
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	NONE	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Zadnje važnije ažuriranje

21-04-2026 - 22:16

Objavljeno

21-04-2026 - 22:16