Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-53871

CVE-2026-53871: Hermes WebUI Auth Bypass Vulnerability

CVE-2026-53871 is an authorization bypass flaw in Hermes WebUI that allows authenticated attackers to access sessions and resources across different profiles by forging cookies. This article covers technical details, affected versions, impact, and mitigation strategies.

Published:

CVE-2026-53871 Overview

CVE-2026-53871 is an authorization bypass vulnerability in Hermes WebUI versions before 0.51.368. The flaw resides in the get_profile_cookie() function, which accepts unauthenticated profile names directly from the hermes_profile cookie. An authenticated attacker can forge the cookie value to impersonate another profile and bypass profile-scoped authorization checks. Successful exploitation grants cross-profile access to sessions, files, and resources managed by the WebUI. The issue is tracked under [CWE-565: Reliance on Cookies without Validation and Integrity Checking].

Critical Impact

An authenticated low-privilege user can read and manipulate sessions, files, and resources belonging to other Hermes WebUI profiles by setting an arbitrary hermes_profile cookie value.

Affected Products

  • Hermes WebUI versions prior to 0.51.368
  • Deployments with WebUI authentication enabled and multiple profiles configured
  • Multi-tenant Hermes WebUI instances exposed to authenticated users

Discovery Timeline

  • 2026-06-17 - CVE-2026-53871 published to NVD
  • 2026-06-17 - Last updated in NVD database
  • Patch released - Hermes WebUI v0.51.368 published on GitHub

Technical Details for CVE-2026-53871

Vulnerability Analysis

Hermes WebUI uses the hermes_profile cookie to track which profile a user is currently operating under. The get_profile_cookie() helper in api/helpers.py previously extracted the cookie value and returned it directly as the active profile name. Profile-scoped authorization checks downstream then trusted that value to gate access to sessions, files, and resources.

Because cookies are client-controlled, an authenticated attacker can modify the hermes_profile value in their browser or HTTP client to any other valid profile name. The application performs no cryptographic binding between the cookie and the authenticated session token. As a result, the attacker assumes the authorization context of any profile they name, breaking the tenant-style isolation between profiles.

Root Cause

The root cause is missing integrity verification on a security-relevant cookie. The original get_profile_cookie() implementation returned the raw cookie string without verifying it was issued by the server for the active session. There was no HMAC, signature, or session binding tying a profile selection to the HttpOnly session token.

Attack Vector

The attacker must hold valid credentials for the WebUI instance. After authenticating normally, they replay any request that touches a profile-scoped endpoint while overriding the hermes_profile cookie with the name of a victim profile. The server resolves the forged profile name through get_profile_cookie() and authorizes the operation under the victim's profile context.

python
# Patched implementation in api/auth.py (excerpt)
def sign_profile_cookie_value(profile_name: str, session_cookie_value: str | None) -> str:
    """Return a profile cookie value authenticated for one WebUI session.

    The active-profile cookie is client-controlled, so when auth is enabled it
    must not be trusted as a bare profile name. Binding the selected profile to
    the HttpOnly session token prevents a client from forging
    ``hermes_profile=<other-profile>`` and bypassing profile visibility guards.
    """
    if not session_cookie_value or not verify_session(session_cookie_value):
        raise ValueError("active auth session is required to sign profile cookie")
    token = _session_token_from_cookie_value(session_cookie_value)
    if not token:
        raise ValueError("active auth session is required to sign profile cookie")
    sig = hmac.new(
        _signing_key(),
        f"profile:{token}:{profile_name}".encode(),
        hashlib.sha256,
    ).hexdigest()
    return f"{profile_name}.{sig}"


def verify_profile_cookie_value(cookie_value: str, session_cookie_value: str | None) -> str | None:
    """Verify a session-bound profile cookie and return its profile name."""
    if not cookie_value or '.' not in cookie_value:
        return None
    if not session_cookie_value or not verify_session(session_cookie_value):
        return None

Source: GitHub Commit 9e96f5f

The patch binds the profile name to the session token using an HMAC-SHA256 signature. Cookie values without a valid signature are rejected by verify_profile_cookie_value().

Detection Methods for CVE-2026-53871

Indicators of Compromise

  • Requests where the hermes_profile cookie value does not match the profile associated with the authenticated user at login
  • HTTP requests showing the same session token paired with multiple different hermes_profile cookie values in a short window
  • Access to files or session resources belonging to a profile the authenticated user is not assigned to
  • WebUI audit logs showing cross-profile reads or writes from a single authenticated identity

Detection Strategies

  • Correlate authenticated user identity with the hermes_profile cookie value on every request and alert on mismatches
  • Inspect reverse proxy or WAF logs for clients manipulating the hermes_profile cookie between requests within one session
  • Compare resource access patterns in Hermes WebUI logs against the user-to-profile mapping defined in configuration
  • Flag any hermes_profile cookie value that lacks the <profile>.<hex-signature> format introduced in v0.51.368

Monitoring Recommendations

  • Forward Hermes WebUI access and audit logs to a centralized logging or SIEM platform for retention and correlation
  • Track the rate of distinct profile values per session token and alert when this exceeds expected behavior
  • Monitor for HTTP requests where cookie tampering tools (e.g., proxy interception) precede profile-scoped API calls
  • Review historical logs since deployment for any cross-profile access that may indicate prior exploitation

How to Mitigate CVE-2026-53871

Immediate Actions Required

  • Upgrade Hermes WebUI to version 0.51.368 or later, which signs and verifies the hermes_profile cookie
  • Invalidate all active WebUI sessions after upgrading to force reissuance of signed profile cookies
  • Audit logs for cross-profile activity since the WebUI was first deployed and rotate any credentials or tokens exposed in other profiles
  • Restrict WebUI network exposure to trusted users and networks until the upgrade is applied

Patch Information

The fix is delivered in Hermes WebUI v0.51.368. The change is implemented across Pull Request #4023 and Pull Request #4036, with the consolidated commit at 9e96f5f. See the VulnCheck Advisory for additional context.

Workarounds

  • If patching is not immediately possible, disable multi-profile usage and operate the WebUI with a single profile so cross-profile access is not meaningful
  • Place Hermes WebUI behind a reverse proxy that strips or overrides the hermes_profile cookie based on the authenticated user identity
  • Limit WebUI access via network ACLs or VPN to a small set of trusted operators while the upgrade is scheduled
  • Increase log retention and review frequency to catch attempted cookie manipulation before patching
bash
# Upgrade Hermes WebUI to the patched release
pip install --upgrade 'hermes-webui>=0.51.368'

# Or, when using the upstream repository directly
git fetch --tags
git checkout v0.51.368

# Restart the WebUI service to load the patched build
systemctl restart hermes-webui

# Verify the running version
hermes-webui --version

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.