A vulnerability marked as critical has been reported in NousResearch hermes-agent 0.8.0 . Affected by this issue is some unknown functionality of the file gateway/platforms/wecom.py of the component WeChat Work Platform Adapter . The manipulation leads to path traversal. This vulnerability is traded as CVE-2026-7396 . It is possible to initiate the attack remotely. Furthermore, there is an exploit available.