How is CVE-2026-55196 exploited?

Network reachability (required): The attacker must reach the Hermes WebUI service over the network; the vulnerable endpoints are exposed via HTTP without any network-layer restriction by default. Authentication (not-required): No credentials of any kind are needed; the passkey registration endpoints accept unauthenticated POST requests when the passkey feature is enabled and no passkey has been registered yet. Victim interaction (not-required): The attack is fully automated and requires no action from any user or administrator of the target application. Attack complexity (info): Exploitation is straightforward but depends on an environmental precondition: the HERMES_WEBUI_PASSKEY=1 flag must be set and the passkey store must be empty, which maps to the AT:P (attack requirements present) token in the vector.

What is the impact of CVE-2026-55196?

Attacker registers the first passkey and claims permanent administrative access to the Hermes WebUI instance. All configuration, secrets, and data managed through the WebUI become readable by the attacker using the registered passkey. The attacker can modify application settings, add or remove users, and alter any data persisted through the admin interface. Existing legitimate administrators may be locked out if the attacker reconfigures authentication settings after gaining control.

Back to search

CRITICALCVE-2026-55196Published 2026-06-17Modified 2026-06-17CNA VulnCheck

CVE-2026-55196: Hermes WebUI < 0.51.409 - Unauthenticated Passkey Registration via Authentication Bypass

Q: What is CVE-2026-55196?

An authentication bypass vulnerability in Hermes WebUI before 0.51.409 allows an unauthenticated remote attacker to register arbitrary passkeys via exposed passkey registration endpoints. The flaw is reachable over the network with no credentials required, and only triggers when HERMES_WEBUI_PASSKEY=1 is set and no passkey has yet been registered. Successful exploitation lets an attacker claim the first passkey and gain permanent administrative control over the application. A patched-image rebuild at version 0.51.409 is available on HarborGuard for environments running an affected version.

Q: How is CVE-2026-55196 fixed?

A patched-image rebuild at hermes-webui 0.51.409 is available on HarborGuard for any environment where an affected image is detected. For customers who have opted into auto-remediation, HarborGuard performs the rebuild, runs a regression test suite, and opens a pull request against the affected workload automatically.

Hermes WebUI before 0.51.409 contains an authentication bypass vulnerability in passkey registration endpoints that allows unauthenticated remote attackers to register arbitrary passkeys. When HERMES_WEBUI_PASSKEY=1 is enabled with no existing credentials, POST /api/auth/passkey/register/options and POST /api/auth/passkey/register endpoints are accessible without authentication, allowing attackers to claim the first passkey and gain permanent administrative control.

CVSS v4.0: 9.1
Severity: CRITICAL
Fixed in: 0.51.409
Affected Products: 1

HarborGuard Analysis

Synopsis

An authentication bypass vulnerability in Hermes WebUI before 0.51.409 allows an unauthenticated remote attacker to register arbitrary passkeys via exposed passkey registration endpoints. The flaw is reachable over the network with no credentials required, and only triggers when HERMES_WEBUI_PASSKEY=1 is set and no passkey has yet been registered. Successful exploitation lets an attacker claim the first passkey and gain permanent administrative control over the application. A patched-image rebuild at version 0.51.409 is available on HarborGuard for environments running an affected version.

HarborGuard Coverage

Detection

Detection of CVE-2026-55196 is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images in connected registries and CI pipelines, including custom-built images that bundle hermes-webui. Any image running a version below 0.51.409 with this package present is flagged automatically.

Available

Triage

HarborGuard scores this CVE at CVSS 9.1 Critical and surfaces it accordingly in each environment's finding queue, weighted against the customer's configured compliance policy. Routing rules direct the alert to the team or inbox designated for Critical-severity findings within each organization.

Available

Patch

A patched-image rebuild at hermes-webui 0.51.409 is available on HarborGuard for any environment where an affected image is detected. For customers who have opted into auto-remediation, HarborGuard performs the rebuild, runs a regression test suite, and opens a pull request against the affected workload automatically.

Available

Exploit Conditions

Network reachabilityRequired
The attacker must reach the Hermes WebUI service over the network; the vulnerable endpoints are exposed via HTTP without any network-layer restriction by default.
AuthenticationNot required
No credentials of any kind are needed; the passkey registration endpoints accept unauthenticated POST requests when the passkey feature is enabled and no passkey has been registered yet.
Victim interactionNot required
The attack is fully automated and requires no action from any user or administrator of the target application.
Attack complexityDetail
Exploitation is straightforward but depends on an environmental precondition: the HERMES_WEBUI_PASSKEY=1 flag must be set and the passkey store must be empty, which maps to the AT:P (attack requirements present) token in the vector.

Blast Radius

Attacker registers the first passkey and claims permanent administrative access to the Hermes WebUI instance.
All configuration, secrets, and data managed through the WebUI become readable by the attacker using the registered passkey.
The attacker can modify application settings, add or remove users, and alter any data persisted through the admin interface.
Existing legitimate administrators may be locked out if the attacker reconfigures authentication settings after gaining control.

How HarborGuard Handles This

Available on HarborGuard: detection of CVE-2026-55196 is active across connected registries and pipelines the moment the CVE entered the ingestion feed. For environments running a hermes-webui image below 0.51.409, a rebuilt image at the fix version is available. Customers with auto-remediation enabled receive a rebuilt image, a regression test run, and a PR opened against affected workloads; median time from CVE publication to merged patch PR for Critical-severity issues is around 90 minutes for those environments. Because this vulnerability requires a specific runtime configuration (passkey feature enabled with no existing passkey), security teams should also verify whether that condition is present in deployed containers and, where it is, treat remediation as urgent. For environments where an immediate image rebuild is not possible, compensating controls include placing the WebUI behind a network policy that restricts access to the passkey registration paths, or temporarily disabling HERMES_WEBUI_PASSKEY until the patched image is deployed.

See how HarborGuard automates this

Fix available

0.51.409

Patch commits

Patch Commit

Affected packages

hermes-webui / hermes-webui
< 0.51.409 (from 0)
Fixed in 0.51.409

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

References

Metrics

Get notified

HarborGuard Analysis

Synopsis

HarborGuard Coverage

Exploit Conditions

Blast Radius

How HarborGuard Handles This

Fix available