📦

hermes

Vendor: hashicorp

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 0 Remote Access
Total CVEs 2 Total Indexed
Avg. EPSS 0.07% Exploit Prob.
Latest CVE CVE-2025-1293 Feb 20

Security Vulnerability Index

Page 1 / 1
8.2 CVSS
CVE-2025-1293

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0.

EPSS: 0.07%