{"uuid": "9234cc12-3eb0-4cbb-89bc-3a94d9e2e0d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49973", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mo2dledkjf23", "content": "CVE-2026-49973 - Critical improper access control in Hermes WebUI. Unauthenticated attackers can hijack initial setup, set arbitrary password, lock out operators. CVSS 9.4. No patch yet - isolate affected systems immediately. #CVE #infosec ...\n\nhttps://www.valtersit.com/cve/CVE-2026-49973/", "creation_timestamp": "2026-06-11T23:04:42.651434Z"}