A vulnerability marked as critical has been reported in NousResearch hermes-agent up to 0.15.x . The affected element is an unknown function of the file response_store.db of the component Conversation Handler . This manipulation causes incorrect default permissions. This vulnerability appears as CVE-2026-53870 . The attack requires local access. There is no available exploit. It is suggested to upgrade the affected component.