CYBERHAWK / CVE / CVE-2026-49959

CVE-2026-49959

HIGH CVSS 8.8 other

The flaw

Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-49959

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits