Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

NousResearch — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting NousResearch. AI-powered Chinese analysis, POCs, and references for each vulnerability.

NousResearch develops AI research tools and platforms, focusing on advanced machine learning and data analysis solutions. Historically, their systems have been susceptible to remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from improper input validation and insecure API endpoints. While no major public security incidents have been documented, the organization maintains a moderate vulnerability profile with four CVEs recorded to date. Their security posture appears typical for AI research platforms, balancing functionality with basic security measures. The company's codebase and infrastructure remain subject to standard web application risks, though no systemic weaknesses or high-impact breaches have been reported in their public-facing services.

Found 13 results / 13Clear Filters
Top products by NousResearch: hermes-agent
CVE IDTitleCVSSSeverityPublished
CVE-2026-9369 NousResearch hermes-agent CLI web-dashboard web_server.py _discover_dashboard_plugins comparison — hermes-agentCWE-697 5.3 Medium2026-05-24
CVE-2026-9368 NousResearch hermes-agent Environment Variable code_execution_tool.py execute_code sandbox — hermes-agentCWE-265 7.3 High2026-05-24
CVE-2026-9367 NousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command injection — hermes-agentCWE-78 7.3 High2026-05-24
CVE-2026-9366 NousResearch hermes-agent prompt_builder.py _scan_context_content injection — hermes-agentCWE-74 7.3 High2026-05-24
CVE-2026-9354 NousResearch hermes-agent Slack Agent/Mattermost Agent escape output — hermes-agentCWE-116 6.5 Medium2026-05-24
CVE-2026-9353 NousResearch hermes-agent Skills Guard Multi-Word Prompt skills_guard.py injection — hermes-agentCWE-74 7.3 High2026-05-24
CVE-2026-9352 NousResearch hermes-agent Messaging Gateway local.py _make_run_env information disclosure — hermes-agentCWE-200 5.3 Medium2026-05-24
CVE-2026-9351 NousResearch hermes-agent read_file Tool file_tools.py _is_blocked_device path traversal — hermes-agentCWE-22 6.5 Medium2026-05-24
CVE-2026-9350 NousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorization — hermes-agentCWE-862 7.3 High2026-05-24
CVE-2026-7397 NousResearch hermes-agent file_tools.py _check_sensitive_path symlink — hermes-agentCWE-61 4.4 Medium2026-04-29
CVE-2026-7396 NousResearch hermes-agent WeChat Work Platform Adapter wecom.py path traversal — hermes-agentCWE-22 5.3 Medium2026-04-29
CVE-2026-7113 NousResearch hermes-agent Webhooks Endpoint webhook.py missing authentication — hermes-agentCWE-306 5.6 Medium2026-04-27
CVE-2026-7112 NousResearch hermes-agent API_SERVER_KEY api_server.py _check_auth improper authentication — hermes-agentCWE-287 5.6 Medium2026-04-27

This page lists every published CVE security advisory associated with NousResearch. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.