Skip to content

Hermes Agent contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Origin validation

High severity GitHub Reviewed Published Jun 17, 2026 to the GitHub Advisory Database • Updated Jun 19, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts