What happened
A case-sensitivity flaw in hermes-agent's streaming reasoning tag filter lets crafted case variants slip past the filter, exposing content that should have been redacted from the stream. Published to NVD July 3, 2026, CVSS 3.1 (Low); attack complexity high.
Why it matters
The flaw could leak internal reasoning/chain-of-thought content that operators intended to keep hidden from end users. This is a narrow but real information-disclosure risk in an agentic streaming pipeline.
Attack vector
GatewayStreamConsumer._filter_and_accumulate in gateway/stream_consumer.py improperly handles case sensitivity when filtering streaming reasoning tags, allowing an attacker to bypass the filter using mixed-case tags and leak content intended to be hidden (e.g., hidden chain-of-thought/reasoning tokens).
Affected systems
NousResearch hermes-agent ≤ 2026.4.30
Mitigation
Vendor has assessed the flaw but declined a dedicated fix due to maintenance cost; operators should not rely on this filter alone to keep reasoning tokens confidential.
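For operators adding their own redaction layer downstream, the following added example (not hermes-agent code, and not the vendor's filter logic) shows a streaming filter that matches reasoning tags case-insensitively and across chunk boundaries, with a case-sensitive mode for comparison. The tag name `think`, the class and function names, and the sample chunks are assumptions made for illustration.

```python
import re

TAG = "think"                # assumed tag name; the advisory names no tags
MAX_TAG = len(f"</{TAG}>")   # longest tag the filter must recognise

class StreamTagFilter:
    """Drops <TAG>...</TAG> spans from a chunked text stream."""

    def __init__(self, ignore_case=True):
        flags = re.IGNORECASE if ignore_case else 0
        self._open = re.compile(f"<{TAG}>", flags)
        self._close = re.compile(f"</{TAG}>", flags)
        self._buf = ""         # text not yet classified
        self._hidden = False   # True while inside a reasoning span

    def feed(self, chunk):
        """Return the part of the stream that is safe to forward so far."""
        self._buf += chunk
        out = []
        while True:
            pat = self._close if self._hidden else self._open
            m = pat.search(self._buf)
            if m is None:
                break
            if not self._hidden:
                out.append(self._buf[:m.start()])
            self._buf = self._buf[m.end():]
            self._hidden = not self._hidden
        # Hold back a short trailing "<..." that may be a tag split across
        # chunks; forward the rest if visible, drop it if hidden.
        cut = self._buf.rfind("<")
        tail = self._buf[cut:] if cut != -1 else ""
        keep = tail if len(tail) < MAX_TAG and ">" not in tail else ""
        if not self._hidden:
            out.append(self._buf[:len(self._buf) - len(keep)])
        self._buf = keep
        return "".join(out)

    def flush(self):
        """End of stream: fail closed if a span was never terminated."""
        tail, self._buf = ("" if self._hidden else self._buf), ""
        return tail

def run(chunks, ignore_case):
    f = StreamTagFilter(ignore_case)
    return "".join(f.feed(c) for c in chunks) + f.flush()

# Constructed sample: a mixed-case tag pair split across chunk boundaries.
SAMPLE = ["Hi <Th", "INK>internal plan</thi", "NK> done"]
```

Comparing `run(SAMPLE, ignore_case=False)` with `run(SAMPLE, ignore_case=True)` makes a useful regression test for any redaction layer placed in front of end users.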