PatchSiren cyber security CVE debrief

CVE-2026-10224 NousResearch CVE debrief

A resource consumption vulnerability exists in NousResearch hermes-agent up to version 2026.4.30, specifically within the _handle_webhook_request function in gateway/platforms/feishu.py. The vulnerability affects the Webhook Endpoint component and can be exploited remotely to cause resource exhaustion. The exploit has been publicly disclosed and is available. The vendor was contacted regarding this disclosure but did not respond.

Vendor: NousResearch
Product: hermes-agent
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-01
Original CVE updated: 2026-06-01
Advisory published: 2026-06-01
Advisory updated: 2026-06-01

Who should care

Organizations running NousResearch hermes-agent versions up to 2026.4.30 with exposed Feishu webhook endpoints. Security teams monitoring for unpatched vulnerabilities with public exploits. Infrastructure operators relying on hermes-agent for Feishu platform integration.

Technical summary

The _handle_webhook_request function in gateway/platforms/feishu.py fails to properly control resource consumption when processing incoming webhook requests. An unauthenticated remote attacker can send crafted requests to the webhook endpoint, triggering excessive resource consumption and potentially causing denial of service conditions. The vulnerability is remotely exploitable without authentication, and a public exploit has been released.

Defensive priority

Medium

Recommended defensive actions

  • Review and restrict access to the Feishu webhook endpoint in gateway/platforms/feishu.py
  • Implement rate limiting and request size validation for webhook requests
  • Monitor for abnormal resource consumption patterns on systems running hermes-agent
  • Consider network-level access controls to limit exposure of the webhook endpoint
  • Evaluate upgrading to a patched version when available from the vendor
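As an added example (not code from hermes-agent or NousResearch), the following Python guard shows how the second action above, rate limiting plus request size validation, can be applied before a webhook body is ever read; the class name, limits and handler shape are assumptions, and the limit values are constructed.

```python
import time
from collections import deque

# Constructed limits (assumption): tune to the real payload sizes and traffic.
MAX_BODY_BYTES = 64 * 1024
RATE_WINDOW_SECONDS = 60
RATE_MAX_REQUESTS = 120


class WebhookGuard:
    """Sliding-window per-client rate limit plus a hard cap on body size.

    Hypothetical helper; call allow() first, then read_body() only if allowed.
    """

    def __init__(self, max_body=MAX_BODY_BYTES, window=RATE_WINDOW_SECONDS,
                 max_requests=RATE_MAX_REQUESTS, clock=time.monotonic):
        self.max_body = max_body
        self.window = window
        self.max_requests = max_requests
        self.clock = clock          # injectable so tests can control time
        self._hits = {}             # client id -> deque of request timestamps

    def allow(self, client, headers):
        """Return (ok, reason). Every request counts against the client's budget,
        including ones rejected for size, so oversized floods are throttled too."""
        now = self.clock()
        q = self._hits.setdefault(client, deque())
        while q and now - q[0] > self.window:   # drop timestamps outside the window
            q.popleft()
        if len(q) >= self.max_requests:
            return False, "429 rate limit exceeded"
        q.append(now)
        length = headers.get("content-length")
        if length is None:                       # refuse unbounded/chunked bodies
            return False, "411 length required"
        try:
            n = int(length)
        except ValueError:
            return False, "400 bad content-length"
        if n < 0 or n > self.max_body:
            return False, "413 payload too large"
        return True, "ok"

    def read_body(self, stream, declared):
        """Read at most max_body + 1 bytes so a lying Content-Length cannot make
        the handler buffer more than the cap; mismatches are rejected."""
        data = stream.read(self.max_body + 1)
        if len(data) > self.max_body or len(data) != declared:
            raise ValueError("body length mismatch")
        return data
```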

Evidence notes

The vulnerability is classified as CWE-400 (Uncontrolled Resource Consumption) and CWE-404 (Improper Resource Shutdown or Release). The CVSS 4.0 vector indicates a network attack vector with low attack complexity, no privileges required, and low availability impact. The exploit has been publicly disclosed via a GitHub Gist.

Official resources

Public disclosure occurred on 2026-06-01, with an exploit available at that time. The vendor was contacted prior to disclosure but did not respond.