A vulnerability labeled as critical has been found in hermes-webui Hermes WebUI up to 0.51.408 . This affects an unknown part of the file /api/auth/passkey/register/options . Executing a manipulation can lead to missing authentication. This vulnerability appears as CVE-2026-55196 . The attack may be performed from remote. There is no available exploit. The affected component should be upgraded.