{"vulnerability": "CVE-2026-49973", "sightings": [{"uuid": "57eefc06-d4f3-4c99-902b-d44498182300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49973", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mo2cdqxxsm2g", "content": "CVE-2026-49973 - Hermes WebUI\nCVE ID : CVE-2026-49973\n \n Published : June 11, 2026, 8:16 p.m. | 1\u00a0hour, 3\u00a0minutes ago\n \n Description : Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack ...", "creation_timestamp": "2026-06-11T22:42:33.790352Z"}, {"uuid": "9234cc12-3eb0-4cbb-89bc-3a94d9e2e0d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49973", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mo2dledkjf23", "content": "CVE-2026-49973 - Critical improper access control in Hermes WebUI. Unauthenticated attackers can hijack initial setup, set arbitrary password, lock out operators. CVSS 9.4. No patch yet - isolate affected systems immediately. #CVE #infosec ...\n\nhttps://www.valtersit.com/cve/CVE-2026-49973/", "creation_timestamp": "2026-06-11T23:04:42.651434Z"}, {"uuid": "3b96efdd-839e-4cfd-aab7-ddf5c9ac5da6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49973", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moby5x7tin2v", "content": "\ud83d\udd34 CVE-2026-49973 - Critical (9.4)\n\nHermes WebUI before version 0.51.358 contains an improper access control vulnerability that allow...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49973/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T00:01:40.335358Z"}, {"uuid": "4e209a28-3fb8-4e04-a180-0244444595a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49973", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3moby5ymkvr2i", "content": "\ud83d\udd34 CVE-2026-49973 - Critical (9.4)\n\nHermes WebUI before version 0.51.358 contains an improper access control vulnerability that allow...\n\nhttps://www.themasherwire.com/vulnerability/CVE-2026-49973/\n\n#infosec #potatosecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T00:01:41.049321Z"}]}