CVE-2026-58122 - Hermes WebUI < 0.51.307 Authentication Bypass via X-Forwarded-For Header Spoofing
CVE ID :CVE-2026-58122 Published : July 9, 2026, 10:17 p.m. | 15 minutes ago Description :Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on onboarding endpoints by supplying a...