What happened
hermes-agent's HTTP API is vulnerable to a remotely triggerable denial-of-service condition via crafted values in the 'todos' argument. Published to NVD July 4, 2026, CVSS 4.3 (Medium).
Why it matters
A remote caller can take down the agent's HTTP API, disrupting any workflow that depends on that agent instance. The blast radius is limited to availability: the advisory describes no data compromise. Check the published vector string before treating this as reachable by anonymous callers; under CVSS 3.x a network-reachable, no-privilege, no-interaction availability-only DoS scores 5.3, so a 4.3 implies either low privileges or user interaction is required.
Attack vector
A crafted 'todos' argument, passed through the HTTP API to AIAgent.run_conversation in run_agent.py, causes a denial-of-service condition. The trigger is remote; no privilege escalation or data access is involved.
Affected systems
NousResearch hermes-agent ≤ 2026.4.30
Mitigation
No patched version has been confirmed. Until one is, validate the 'todos' parameter at the HTTP boundary (type, item count, per-item size, total serialized size) and reject anything outside those bounds before it reaches AIAgent.run_conversation. Reducing network exposure of the API (bind to localhost, put it behind an authenticating proxy, rate-limit callers) limits who can trigger the condition in the meantime.
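The following is an added example of the kind of boundary validation described above. It is not hermes-agent code and does not reflect the project's real 'todos' schema: the accepted shape (a list of short strings, or objects with a 'text' field and an optional boolean 'done'), the function names, and the numeric limits are assumptions chosen for illustration. It enforces type, item count, per-item length, key whitelist and total serialized size, so unbounded or malformed input is rejected before any agent code runs.

```python
"""Boundary validation for a 'todos'-style request parameter.

Added example, not hermes-agent code. The accepted shape, the names and
the limits below are assumptions, not the project's actual schema.
"""
from __future__ import annotations

import json
from typing import Any

# Constructed limits; tune to the deployment's real needs.
MAX_TODOS = 100           # max number of items in the list
MAX_ITEM_CHARS = 1_000    # max length of a single todo's text
MAX_TOTAL_BYTES = 64_000  # max size of the whole parameter once serialized


class TodosValidationError(ValueError):
    """Raised when the 'todos' parameter fails validation."""


def _check_text(text: Any, where: str) -> str:
    """Accept only a non-empty string within the per-item length cap."""
    if not isinstance(text, str):
        raise TodosValidationError(f"{where}: text must be a string, got {type(text).__name__}")
    if not text.strip():
        raise TodosValidationError(f"{where}: text must not be empty")
    if len(text) > MAX_ITEM_CHARS:
        raise TodosValidationError(f"{where}: text exceeds {MAX_ITEM_CHARS} characters")
    return text


def validate_todos(todos: Any) -> list[dict[str, Any]]:
    """Return a normalized list of {'text': str, 'done': bool} or raise.

    Rejects non-list values, oversized lists, oversized items, nested
    structures (anything whose 'text' is not a plain string), unknown keys,
    and input whose serialized size exceeds MAX_TOTAL_BYTES. Run this at the
    HTTP boundary, before the value reaches the agent.
    """
    if todos is None:
        return []
    if not isinstance(todos, list):
        raise TodosValidationError(f"todos must be a list, got {type(todos).__name__}")
    if len(todos) > MAX_TODOS:
        raise TodosValidationError(f"todos has {len(todos)} items, max is {MAX_TODOS}")

    normalized: list[dict[str, Any]] = []
    for i, item in enumerate(todos):
        where = f"todos[{i}]"
        if isinstance(item, str):
            normalized.append({"text": _check_text(item, where), "done": False})
        elif isinstance(item, dict):
            unknown = set(item) - {"text", "done"}
            if unknown:
                raise TodosValidationError(f"{where}: unknown keys {sorted(unknown)}")
            text = _check_text(item.get("text"), where)
            done = item.get("done", False)
            if not isinstance(done, bool):
                raise TodosValidationError(f"{where}: 'done' must be a boolean")
            normalized.append({"text": text, "done": done})
        else:
            raise TodosValidationError(
                f"{where}: must be a string or object, got {type(item).__name__}"
            )

    # Item count and per-item length are already bounded, so serializing the
    # normalized list here is cheap; this is the overall size cap.
    size = len(json.dumps(normalized).encode("utf-8"))
    if size > MAX_TOTAL_BYTES:
        raise TodosValidationError(f"todos serializes to {size} bytes, max is {MAX_TOTAL_BYTES}")
    return normalized


def is_rejected(todos: Any) -> bool:
    """True if validate_todos rejects the value (convenience for tests/demos)."""
    try:
        validate_todos(todos)
    except TodosValidationError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample inputs: one accepted, several rejected.
    print(validate_todos(["write tests", {"text": "ship fix", "done": True}]))
    for bad in ("not a list", ["x"] * (MAX_TODOS + 1), ["a" * (MAX_ITEM_CHARS + 1)],
                [{"text": ["nested"]}], [{"text": "ok", "extra": 1}]):
        print("rejected:", is_rejected(bad))
```

Apply the check in the request handler that feeds AIAgent.run_conversation, and pass only the normalized value onward; the raw request body should never reach the agent unvalidated.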