Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-58122— Hermes WebUI < 0.51.307 Authentication Bypass via X-Forwarded-For Header Spoofing

CVSS 9.1 · Critical
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-58122

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Hermes WebUI < 0.51.307 Authentication Bypass via X-Forwarded-For Header Spoofing
Source: NVD (National Vulnerability Database)
Vulnerability Description
Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on onboarding endpoints by supplying a spoofed X-Forwarded-For header with a loopback address. Attackers can exploit this bypass to perform server-side request forgery against internal services including cloud metadata endpoints, overwrite LLM provider configuration and API keys with attacker-controlled values, or initiate OAuth device-code flows to obtain persistent access tokens stored in auth.json.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用不可信的源
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
nesquenahermes-webui 0 ~ 0.51.307 -

II. Public POCs for CVE-2026-58122

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium
Qwen3.6-35B-A3B · 7057 chars
Pro+ exclusive includes:
Vulnerability reproduction recording (real sandbox build + trigger, exclusive)
In-depth vulnerability mechanism
Trigger conditions & impact
Full executable POC code
Exploit chain & mitigation
POC zip download
100+ AI POC generations per month

III. Intelligence Information for CVE-2026-58122

登录查看更多情报信息。

Patches & Fixes for CVE-2026-58122 (2)

Vendor Advisories for CVE-2026-58122 (1)

Other References for CVE-2026-58122 (1)

IV. Related Vulnerabilities

V. Comments for CVE-2026-58122

No comments yet


Leave a comment