A critical authentication bypass in Hermes WebUI lets unauthenticated remote attackers spoof a loopback address to reach protected onboarding endpoints, enabling SSRF, credential theft, and persistent access token capture.
What Is It
CVE-2026-58122 is an authentication bypass vulnerability (CWE-348: Use of Less Trusted Source) affecting Hermes WebUI before version 0.51.307. The onboarding endpoints are meant to be restricted to local-origin IP addresses, but the application trusts a client-supplied X-Forwarded-For header. By sending that header with a loopback address, an unauthenticated remote attacker circumvents the IP restriction and gains access to endpoints that should only be reachable locally.
Why It Matters
Once the origin check is bypassed, the attacker can chain several high-impact actions. Per the NVD record, they can perform server-side request forgery (SSRF) against internal services, including cloud metadata endpoints, overwrite the LLM provider configuration and API keys with attacker-controlled values, or initiate OAuth device-code flows to obtain persistent access tokens stored in auth.json. The vulnerability carries a CVSS 3.1 base score of 9.1 (CRITICAL), with a network attack vector, low complexity, and no privileges or user interaction required. It rates HIGH for both confidentiality and integrity impact. (VulnCheck's CVSS 4.0 secondary metric scores it 9.3.)
Note: No CISA KEV entry was supplied for this CVE, so there is no confirmation of active exploitation in the source material.
What's Vulnerable
- Vendor/product: nesquena; hermes-webui
- Affected versions: all releases before 0.51.307 (
< 0.51.307) - Repository: https://github.com/nesquena/hermes-webui
Patch Status
The issue is fixed in Hermes WebUI 0.51.307. Operators running any earlier version should upgrade to 0.51.307 or later. The fix is available via the tagged release and the associated commit and pull request listed below.